minvws / nl-kat-coordination

OpenKAT scans networks, finds vulnerabilities and creates accessible reports. It integrates the most widely used network tools and scanning software into a modular framework, accesses external databases such as shodan, and combines the information from all these sources into clear reports. It also includes lots of cat hair.
https://openkat.nl
European Union Public License 1.2

LeakIX findings do not show the host for which the vulnerability was found. #3211

Open stephanie0x00 opened 4 months ago

stephanie0x00 commented 4 months ago

Describe the bug

When the LeakIX boefje has retrieved data and parsed this into findings, it shows the finding; however, the host for which this finding is applicable is missing in the Finding name, as can be seen below. You can see that for other issues the hostname is shown, but for the LeakIX boefje it shows the Apache version. Snyk.io findings show up by saying: Snyk @Bootstrap 1.2.3 @Hostname (example, might be slightly different), which would be a proper solution for LeakIX as well.

image

To Reproduce

Steps to reproduce the behavior:

  1. Scan a host which contains findings with LeakIX (findings in the LeakIX database, message me if you need a hostname).
  2. Observe that the findings are without the hostname.

Expected behavior

Findings always contain the host to which they are applicable.

OpenKAT version

main

underdarknl commented 4 months ago

The human readable name for each finding is produced with the following code:

return f"{finding_type} @ {ooi_reference.human_readable}"

In this, the first part is the finding_type (e.g. the specific CVE, or the specific LeakIX type), followed by the name of the referenced part.

For CVEs and LeakIX findings, they reference the Software, and the Software in turn (back)references the SoftwareInstance. The SoftwareInstance then contains a reference to the location (host, URL, etc.). The back-reference from software-instance to software is because there might be many locations where we found (in your case) Apache 2.4.57, all of which are susceptible to CVE-2023-30943.

Knowing which software instance to show from the vantage point of the Finding itself is impossible, since there might be many.
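
The reference chain described in the thread, as an added Python example that is not OpenKAT's own code: the classes, helper functions and hostnames are hypothetical, simplified stand-ins, and only the name format string and the Apache 2.4.57 / CVE-2023-30943 pairing come from the comment above. It shows why the finding name carries no host and how the affected locations can still be listed by following the back-references.

```python
from collections import defaultdict
from dataclasses import dataclass

# Hypothetical stand-ins for the objects named in the thread;
# these are not OpenKAT's real model classes.
@dataclass(frozen=True)
class Software:
    name: str
    version: str

    @property
    def human_readable(self) -> str:
        return f"{self.name} {self.version}"

@dataclass(frozen=True)
class SoftwareInstance:
    software: Software   # back-reference to the shared Software object
    location: str        # host, URL, etc. where it was observed

@dataclass(frozen=True)
class Finding:
    finding_type: str
    ooi_reference: Software  # the finding points at Software, not at a host

    @property
    def human_readable(self) -> str:
        # Same format string as quoted in the thread.
        return f"{self.finding_type} @ {self.ooi_reference.human_readable}"

def index_instances(instances):
    """Build the reverse lookup Software -> set of locations."""
    index = defaultdict(set)
    for inst in instances:
        index[inst.software].add(inst.location)
    return index

def affected_locations(finding, index):
    """All locations running the software a finding refers to, sorted."""
    return sorted(index.get(finding.ooi_reference, ()))

# Constructed sample data: one Software object shared by two hosts.
APACHE = Software("Apache", "2.4.57")
INSTANCES = [
    SoftwareInstance(APACHE, "www.example.com"),
    SoftwareInstance(APACHE, "mail.example.com"),
    SoftwareInstance(Software("nginx", "1.25.0"), "cdn.example.com"),
]
FINDING = Finding("CVE-2023-30943", APACHE)
INDEX = index_instances(INSTANCES)
```

The single finding maps to two locations here, which is why one hostname cannot be placed in its name; a report view can call `affected_locations` per finding instead.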