packetchaos
commented
1 year ago Thank you for submitting your bug request. I found the bug and resolved it. I'm closing the ticket. Please uninstall and reinstall version 7.1.4 now on pypi.
Closed wattwood closed 1 year ago
packetchaos
commented
1 year ago Thank you for submitting your bug request. I found the bug and resolved it. I'm closing the ticket. Please uninstall and reinstall version 7.1.4 now on pypi.
If a server shows more then one IP address, there's the potential for the asset UUID to mismatch the asset IP address. This results in issues exporting vulnerabilities for assets or running navi ip {ip} commands. Additional functionality may be impacted, I have not tested other commands.
https://github.com/packetchaos/navi/blob/master/navi/plugins/ip.py db_query("SELECT uuid from assets where ip_address='" + ipaddr + "';")
root@9f626eda009d:/usr/src/app# navi ip 10.222.109.214 -vulns root@9f626eda009d:/usr/src/app#
root@9f626eda009d:/usr/src/app# navi find query "SELECT uuid from assets where ip_address=\"10.222.109.214\"" []
Data example: navi find query "select asset_uuid, asset_ip, asset_hostname, first_found, severity, state, cves, score, exploit from vulns where asset_ip = \"10.222.109.214\" and severity=\"high\"" [('3ce9c89a-4ec7-45ba-a8bc-b0aefc8e788b', '10.222.109.214', '10-222-109-214.domain', '2022-08-21T09:41:11.137Z', 'high', 'OPEN', "['CVE-2021-44832']", '7.4', 'False'),
navi find query "SELECT ip_address, uuid, fqdn from assets where uuid=\"3ce9c89a-4ec7-45ba-a8bc-b0aefc8e788b\"" [('172.26.64.1', '3ce9c89a-4ec7-45ba-a8bc-b0aefc8e788b', '10-222-109-214.domain')]