Vulnerability OS reporting inaccurate or not meaningful in Fleet #17110
Labels
~backend
Backend-related issue.
bug
Something isn't working as documented
customer-stazzema
#g-endpoint-ops
Endpoint ops product group
:release
Ready to write code. Scheduled in a release. See "Making changes" in handbook.
~released bug
This bug was found in a stable release.
~vulnerability-management
Milestone
Fleet version:
Reported running in Fleet 4.44
Web browser and operating system:
Current release
💥 Actual behavior
The reported OS version is incomplete and lists lots of erroneous vulnerabilities for the OS. Taking all vulns and not seeming to exclude older versions in Fleet.
The tagged client has examples:
OS Windows 10 Pro 10.0.19045, which has CVEs dating back to 2021, but by looking at the full OS version of a sample host, it's actually 10.0.19045.3930, which is a Jan 2024 update. The information seems inconsistent or not too helpful.
When the version is correctly identified, is pulling 551 vulns for a most recent CU
And previous version reports same 551 vulns
Windows 11 seems to be fine, could be Windows 10 related
🧑💻 Steps to reproduce
🕯️ More info (optional)
The text was updated successfully, but these errors were encountered: