CVE not detected but present in database #980
Comments
Vuls uses OVAL data to scan RHEL and CentOS7. CVE-2020-11651 is not in OVAL for Red Hat Enterprise Linux 7.
https://access.redhat.com/security/cve/cve-2020-11651 According to the Red Hat page, CVE-2020-11651 does not seem to affect RHEL7.
Hi, I understand that CVE-2020-1165 does not affect the RHEL7 product, but it affects saltstack, which can be installed on RHEL7 with the saltstack redhat repository.
Yes, it's difficult without that database. I don't know if the database is public. Or, try the following and let me know the results. Will CVE-2020-1165 be detected when the following command is issued?
If CVE-2020-1165 can be detected above, it can be achieved by executing the above command on the server to be scanned. Additional implementation is needed though.
Hello, I used Vuls to find the vulnerability CVE-2020-11651. However, it does not work: the version of the package and the CVE are found, but nothing appears in the report.
Package
Package is found inside the /results/.json
"salt": {
  "name": "salt",
  "version": "2017.7.5",
  "release": "1.el7",
  "newVersion": "",
  "newRelease": "",
  "arch": "noarch",
  "repository": "",
  "changelog": {
    "contents": "",
    "method": ""
  }
},
"salt-master": {
  "name": "salt-master",
  "version": "2017.7.5",
  "release": "1.el7",
  "newVersion": "",
  "newRelease": "",
  "arch": "noarch",
  "repository": "",
  "changelog": {
    "contents": "",
    "method": ""
  }
}
CVE
CVE can be found in the cve.sqlite3
OVAL
Result
CVE is not detected and does not appear with $ ./report.sh | grep 2020-11651
Config
[servers]
[servers.x-x-x-x]
host = "x.x.x.x"
port = "22"
user = "root"
keyPath = "/root/.ssh/id_rsa"
[exploit]
type = "sqlite3"
sqlite3Path = "/vuls/go-exploitdb.sqlite3"
[cveDict]
type = "sqlite3"
sqlite3Path = "/vuls/cve.sqlite3"
[ovalDict]
type = "sqlite3"
sqlite3Path = "/vuls/oval.sqlite3"
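The gap discussed in this thread (a package from a third-party repository that the distribution's OVAL feed has no definitions for) can be covered by a supplemental version check over the scanned package list. The sketch below is an added example, not part of the issue or of Vuls itself; the package sample, the `OVAL_COVERED` set and the `ADVISORIES` rule format are constructed assumptions, and the affected ranges follow the public CVE-2020-11651 description (before 2019.2.4, and 3000 before 3000.2).

```python
import json

# Constructed sample, shaped like the package entries quoted in the issue.
SCAN_PACKAGES = json.loads("""
{
  "salt":        {"name": "salt",        "version": "2017.7.5", "release": "1.el7"},
  "salt-master": {"name": "salt-master", "version": "2017.7.5", "release": "1.el7"},
  "openssl":     {"name": "openssl",     "version": "1.0.2k",   "release": "19.el7"}
}
""")

# Assumption: package names the distribution's OVAL feed has definitions for.
OVAL_COVERED = {"openssl"}

# Supplemental rule for third-party packages. Half-open ranges [low, high) follow
# the public CVE-2020-11651 description: before 2019.2.4, and 3000 before 3000.2.
ADVISORIES = [{
    "cve": "CVE-2020-11651",
    "packages": {"salt", "salt-master"},
    "affected": [((0,), (2019, 2, 4)), ((3000,), (3000, 2))],
}]


def parse_version(text):
    """Turn '2017.7.5' into (2017, 7, 5); raises ValueError on non-numeric parts."""
    return tuple(int(part) for part in text.split("."))


def is_affected(version, ranges):
    return any(low <= version < high for low, high in ranges)


def uncovered_findings(packages, oval_covered, advisories):
    """Report advisory hits for installed packages the OVAL feed cannot see."""
    findings = []
    for name, pkg in sorted(packages.items()):
        if name in oval_covered:
            continue  # the OVAL-based scan already handles this package
        for adv in advisories:
            if name not in adv["packages"]:
                continue
            try:
                version = parse_version(pkg["version"])
            except ValueError:
                findings.append((name, pkg["version"], adv["cve"] + " (check manually)"))
                continue
            if is_affected(version, adv["affected"]):
                findings.append((name, pkg["version"], adv["cve"]))
    return findings


if __name__ == "__main__":
    for name, version, cve in uncovered_findings(SCAN_PACKAGES, OVAL_COVERED, ADVISORIES):
        print(f"{name} {version}: {cve}")
```

The check compares upstream version numbers only, so a package whose fix was backported under an older version string would still be reported and needs a manual look.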