Windows 11 Vulnerability
27 views
Skip to first unread message
Thomas McFarland
Nov 26, 2024, 5:20:10 AM11/26/24
to Wazuh | Mailing List
I have agents reporting vulnerability's from Windows Server 2022 and the Linux server. I cannot get my Windows 11 Enterprise Laptop to report in vulnerabilities. I have checked the ossec.log and all I can see is this over and over:
2024/11/26 10:14:10 wazuh-modulesd:vulnerability-scanner[870878] osScanner.hpp:244 at operator()(): DEBUG: No match due to default status for OS: windows_11_23h2, Version: 10.0.22631.4460 while scanning for Vulnerability: CVE-2024-49039
2024/11/26 10:14:10 wazuh-modulesd:vulnerability-scanner[870878] osScanner.hpp:97 at operator()(): DEBUG: Scanning OS - 'windows_11_23h2' (Installed Version: 10.0.22631.4460, Security Vulnerability: CVE-2024-49046). Identified vulnerability: Version: 0. Required Version Threshold: 10.0.22631.4460. Required Version Threshold (or Equal): .
2024/11/26 10:14:10 wazuh-modulesd:vulnerability-scanner[870878] osScanner.hpp:244 at operator()(): DEBUG: No match due to default status for OS: windows_11_23h2, Version: 10.0.22631.4460 while scanning for Vulnerability: CVE-2024-49039
2024/11/26 10:14:10 wazuh-modulesd:vulnerability-scanner[870878] osScanner.hpp:97 at operator()(): DEBUG: Scanning OS - 'windows_11_23h2' (Installed Version: 10.0.22631.4460, Security Vulnerability: CVE-2024-49046). Identified vulnerability: Version: 0. Required Version Threshold: 10.0.22631.4460. Required Version Threshold (or Equal): .
Stuti Gupta
Nov 26, 2024, 5:30:15 AM11/26/24
to Wazuh | Mailing List
Hi Thomas,
It seems the vulnerability detection is working fine.
I would like to ask you for the following information: List of hotfixes, and information about the installed packages.
You can obtain this information using the API as follows (for example, from the WUI you can use the following tool to run the queries:
Server Management -> Dev Tools ->:
Hotfixes: GET /syscollector/<agent_id>/hotfixes
Packages: GET /syscollector/<agent_id>/packages
For example:
GET /syscollector/002/ hotfixes
GET /syscollector/002/packages
I believe you might have updated the patch of OS and up-to-date packages of software.
You can further download an old version of the package and validate if it was detected by the Wazuh vulnerability scan.
You can install the older version of VLC and wait for the next scans and let me know if vulnerabilities are detected.
https://www.videolan.org/vlc/releases/2.0.0.html
Let us know the update so we can assist you further.
It seems the vulnerability detection is working fine.
I would like to ask you for the following information: List of hotfixes, and information about the installed packages.
You can obtain this information using the API as follows (for example, from the WUI you can use the following tool to run the queries:
Server Management -> Dev Tools ->:
Hotfixes: GET /syscollector/<agent_id>/hotfixes
Packages: GET /syscollector/<agent_id>/packages
For example:
GET /syscollector/002/ hotfixes
GET /syscollector/002/packages
I believe you might have updated the patch of OS and up-to-date packages of software.
You can further download an old version of the package and validate if it was detected by the Wazuh vulnerability scan.
You can install the older version of VLC and wait for the next scans and let me know if vulnerabilities are detected.
https://www.videolan.org/vlc/releases/2.0.0.html
Let us know the update so we can assist you further.
Reply all
Reply to author
Forward
0 new messages