search

fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com
Other
3.11k stars 427 forks source link

Vuln false positive - iCloud+.app and iCloud.app vulnerability CVE does not apply to MacOS #11979

Closed Patagonia121 closed 1 year ago

Patagonia121 commented 1 year ago

🧑‍💻  Expected behavior

If a CVE specifies an affected OS, I expect Fleet not to flag the CVE on unaffected OS's

💥  Actual behavior

NVD description does not specify the OS impacted as per Apple's release notes therefore Fleet applies the CVE to unaffected OS's. Fleet has not reproduced this, this was reported by a customer

iCloud.app and iCloud+.app: CVE-2016-4613 CVE-2016-4692 CVE-2016-4743 CVE-2016-7578 CVE-2016-7583 CVE-2016-7586 CVE-2016-7587 CVE-2016-7589 CVE-2016-7592 CVE-2016-7598 CVE-2016-7599 CVE-2016-7610 CVE-2016-7611 CVE-2016-7614 CVE-2016-7632 CVE-2016-7635 CVE-2016-7639 CVE-2016-7640 CVE-2016-7641 CVE-2016-7642 CVE-2016-7645 CVE-2016-7646 CVE-2016-7648 CVE-2016-7649 CVE-2016-7652 CVE-2016-7654 CVE-2016-7656 CVE-2017-13797 CVE-2017-2366 CVE-2017-2383

👣 Reproduction steps

More info

zayhanlon commented 1 year ago

@juan-fdz-hawa I'm not sure what we can do in this scenario because its not specfically a Fleet mapping, more a piece of missing information from NVD. Let me know your thoughts

fleet-release commented 1 year ago

In Fleet's vast cloud realm, CVEs correctly flagged, Peace for MacOS helm.