fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com

False Positive assigned to Obsidian installation package #22944

Open rebeccaui opened 12 hours ago

rebeccaui commented 12 hours ago

Fleet version: 4.54.1

Web browser and operating system: macOS 15.0.1 (24A348)


💥  Actual behavior

A CVE is being incorrectly assigned to an Obsidian installation.

{
  "count": 1,
  "counts_updated_at": "2024-10-15T13:03:18Z",
  "software": [
    {
      "id": 2203,
      "name": "obsidian",
      "version": "1.5.3",
      "source": "homebrew_packages",
      "browser": "",
      "generated_cpe": "cpe:2.3:a:plesk:obsidian:1.5.3:*:*:*:*:*:*:*",
      "vulnerabilities": [
        {
          "cve": "CVE-2023-24044",
          "details_link": "https://nvd.nist.gov/vuln/detail/CVE-2023-24044",
          "created_at": "2024-10-10T21:03:15Z",
          "cvss_score": 6.1,
          "epss_probability": 0.00185,
          "cisa_known_exploit": false,
          "cve_published": "2023-01-22T03:15:00Z",
          "cve_description": "A Host Header Injection issue on the Login page of Plesk Obsidian through 18.0.49 allows attackers to redirect users to malicious websites via a Host request header. NOTE: the vendor's position is \"the ability to use arbitrary domain names to access the panel is an intended feature.\"",
          "resolved_in_version": ""
        }
      ],
      "hosts_count": 1
    }
  ],
  "meta": {
    "has_next_results": false,
    "has_previous_results": false
  }
}

🧑‍💻  Steps to reproduce

  1. TODO
  2. TODO

🕯️ More info (optional)

N/A

JoStableford commented 11 hours ago

Linked to Unthread ticket:

Request to Dismiss First Entry and Address False Positive #3054