Missing Nodejs CVE-2022-0778 vulnerability for Windows agent #23192

Closed
Rebits opened this issue Apr 30, 2024 · 1 comment
Labels: level/task, type/bug (Something isn't working)

Rebits commented Apr 30, 2024

| Wazuh version | Component | Install type | Install method | Platform |
|---|---|---|---|---|
| 4.8.0-beta6 | Vulnerability Detection | Manager | Packages | Ubuntu 22 |

During the additional E2E tests for Vulnerability Detector, it was detected that the CVE-2022-0778 vulnerability is not triggered on the Windows Server host.

Related: #22906

Environment

manager1:
    roles: [manager, filebeat, indexer]
    os: ubuntu_22
    type: master

manager2:
    roles: [manager, filebeat]
    os: ubuntu_22
    type: worker

agent1:
    roles: [agent]
    os: centos_7
    manager: manager1

agent2:
    roles: [agent]
    os: windows_11
    manager: manager2

agent3:
    roles: [agent]
    os: ubuntu_22
    manager: manager1

agent4:
    roles: [agent]
    os: centos_7
    manager: manager1
    architecture: arm64v8

agent5:
    roles: [agent]
    os: ubuntu_22
    manager: manager2
    architecture: arm64v8

agent6:
    roles: [agent]
    os: macos_1400
    manager: manager1
    architecture: arm64v8

Evidence

Node.js Package: https://nodejs.org/dist/v17.0.1/node-v17.0.1-x64.msi
Windows Logs: WindowsAgentLogs.zip
Manager logs: WorkerLogs.zip
Triggered Node.js vulnerabilities:

    "agent2": [
        [
            "CVE-2021-4044",
            "Node.js",
            "17.0.1",
            "x86_64"
        ],
        [
            "CVE-2021-44531",
            "Node.js",
            "17.0.1",
            "x86_64"
        ],
        [
            "CVE-2021-44532",
            "Node.js",
            "17.0.1",
            "x86_64"
        ],
        [
            "CVE-2021-44533",
            "Node.js",
            "17.0.1",
            "x86_64"
        ],
        [
            "CVE-2022-21824",
            "Node.js",
            "17.0.1",
            "x86_64"
        ]
    ]

sebasfalcone commented

The failure is due to a misalignment on the generated feed:

                        {
                            "lessThan": "17.7.2",
                            "status": "affected",
                            "version": "(17.0.0)",
                            "versionType": "custom"
                        },

The affected entry contains invalid characters in the version (brackets).

This makes the comparison fail:

2024/04/29 13:20:39 wazuh-modulesd:vulnerability-scanner[76587] versionMatcher.hpp:201 at createVersionObject(): DEBUG: Error creating VersionObject (DPKG). Version string doesn't match the specified type. Version string: (17.0.0)

This issue will be addressed at:
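
Added example (not part of the issue thread and not Wazuh code): a lint for feed entries like the one quoted above, which flags version strings that will not parse and shows how an unparseable lower bound turns into a missed match for the installed Node.js 17.0.1. The dotted-numeric parser and the function names are assumptions for illustration; the scanner's DPKG matcher itself is not shown on this page.

```python
import re

# Simplified dotted-numeric version check. This is an assumption for the
# example, not the DPKG parser used by the Wazuh scanner.
VERSION_RE = re.compile(r"\d+(\.\d+)*")

# Constructed feed fragments: BROKEN is the entry quoted in the comment,
# FIXED is the same entry with the parentheses removed.
BROKEN = {"lessThan": "17.7.2", "status": "affected",
          "version": "(17.0.0)", "versionType": "custom"}
FIXED = dict(BROKEN, version="17.0.0")


def parse(version):
    """Return a comparable tuple, or None if the string is not a clean version."""
    if not isinstance(version, str) or not VERSION_RE.fullmatch(version):
        return None
    return tuple(int(part) for part in version.split("."))


def lint_entry(entry):
    """Return the fields of a feed entry whose version strings fail to parse."""
    return [f"{key}={entry[key]!r}" for key in ("version", "lessThan")
            if key in entry and parse(entry[key]) is None]


def is_affected(installed, entry):
    """Range check: version <= installed < lessThan.

    Returns None (not False) when a bound cannot be parsed, so the caller
    can tell "not vulnerable" apart from "feed entry unusable".
    """
    inst = parse(installed)
    low, high = parse(entry["version"]), parse(entry["lessThan"])
    if None in (inst, low, high):
        return None
    return entry["status"] == "affected" and low <= inst < high


if __name__ == "__main__":
    for name, entry in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, lint_entry(entry), is_affected("17.0.1", entry))
```

Running a check like `lint_entry` over the generated feed before publication surfaces the malformed bound as an error instead of a DEBUG-level log line on the manager.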
