Multiple linux image vulnerabilites shown in output
52 views
Skip to first unread message
Marco Siekmann
Dec 17, 2024, 9:25:11 AM12/17/24
to Wazuh | Mailing List
Hello,
we are observing different versions of linux-image output in the new vulnerability module.
Hence if multiple linux-images are installed, only the active one should be used for vulnerability detection from my point of view.
Hence if multiple linux-images are installed, only the active one should be used for vulnerability detection from my point of view.
See attached screenshot for the details with 2 differnt images installed on a system, which is the case after updating that module.
Could this be prevented with the vulnerability module somehow?
Are all the events for an agent still in the open/active status and not solved yet?
Message has been deleted
Message has been deleted
Message has been deleted
Message has been deleted
Message has been deleted
Francis Timilehin Jeremiah
Dec 17, 2024, 11:58:02 PM12/17/24
to Wazuh | Mailing List
Hello Marco,
The Wazuh Vulnerability Detection module detects packages installed on an endpoint whether it is active or not. After patching a package, the vulnerability should disappear from the Wazuh dashboard. I hope it helps!
Reply all
Reply to author
Forward
0 new messages