Closed Rebits closed 1 week ago
This issue is probably related to how the wazuh-db returns the os information during a rescan after the on/off of the VD feature.
@sebasfalcone priority on this, please.
2384 vulnerabilities detected
78 vulnerabilities for Ubuntu 22 2139 vulnerabilities for Centos 9 167 vulnerabilities for Windows 11
2384 vulnerabilities detected
78 vulnerabilities for Ubuntu 22 2139 vulnerabilities for Centos 9 167 vulnerabilities for Windows 11
The issue is easily reproduced
Not only for Windows
Multiple errors showed up when editing the yaml file in QA integration tests
Description
In Release 4.8.0 - RC 1 - Vulnerability Detection E2E tests It was noted that the vulnerability detector identified distinct vulnerabilities depending on whether the module was activated before or after agents were registered.
This discrepancy in results could potentially be attributed to the adequacy of the timeout duration allocated for the E2E tests. Given a duration of 3 minutes per agent, certain vulnerabilities may not have been fully explored within this timeframe. Moreover, variations in architectures further compounded the issue. For instance, in the case of a Windows agent, the detector identified one architecture as "" when vulnerability detection was disabled prior to agent initialization, whereas it detected "x86_64" under different circumstances. Further research is required
CVE-2024-21412
Evidences
Report: https://github.com/wazuh/wazuh/files/15234960/Test_e2e_system_284_test_vulnerability_detector.zip