Wrong data.vulnerability.severity value compared to cvss3 score
65 views
Skip to first unread message
Daniel D'Angeli
Feb 24, 2022, 10:26:06 AM2/24/22
to Wazuh mailing list
Hi,
there is a huge problem with the data.vulnerability.severity value, in the following image you can see CVE that appear as Medium but have much higher score on the NVD database.
The first row should appear as High and the second one should be Critical. This means that the data.vulnerabililty.severity is not a guarantee to look at.
Regards,
Daniel D.
Matias Pereyra
Mar 2, 2022, 5:15:16 PM3/2/22
to Wazuh mailing list
Hello!
Thank you very much for reporting this situation.
We are aware of this issue and it was reported here CVSS score and severity mismatch on RHEL feed based agents for vulnerability detector.
Thank you very much for reporting this situation.
We are aware of this issue and it was reported here CVSS score and severity mismatch on RHEL feed based agents for vulnerability detector.
We'll solve this as soon as possible, I apologize for the inconveniences.
Regards.
Daniel D'Angeli
Mar 3, 2022, 5:38:45 AM3/3/22
to Wazuh mailing list
Hi,
got it thanks.
Regards,
Daniel D.
Reply all
Reply to author
Forward
0 new messages