Vulnerability scanner - no official fix
105 views
Skip to first unread message
German DiCasas
Dec 17, 2025, 4:14:15 PM12/17/25
to Wazuh | Mailing List
Hi team,
I have the wazuh 4.14 and I can see all the vulnerabilities over my linux sistems. But I can see that sometimes the vulnerability is show but there are no fix to fix that .
There are any way to see the vulnerabilities list but with another column with that situation ? I mean, if the vulnerability have or not a fix?
There are any way to see the vulnerabilities list but with another column with that situation ? I mean, if the vulnerability have or not a fix?
Regards
German
Alcides Moreno
Dec 17, 2025, 10:46:05 PM12/17/25
to Wazuh | Mailing List
It is normal to see vulnerabilities listed without an available fix.
This happens because Wazuh synchronizes its database directly with the operating system vendors' security feeds. Sometimes vendors identify a security issue but have not yet released a patch for it, or they may still be working on the update.
The system shows you these alerts to ensure you have visibility into your risk profile, even if there isn't an immediate technical action you can take to resolve it via an update.
Whenever the vulnerability gets fixed, it will disappear from your Inventory.
Best regards,
Alcides.
German DiCasas
Dec 18, 2025, 8:45:14 AM12/18/25
to Wazuh | Mailing List
Yes, that is correct but what about to have another variable to check if exist or not the vendor fix? Its posible?
I mean, Wazuh can identify if the vendedor fix exist or not? If so, what variable is?
I mean, Wazuh can identify if the vendedor fix exist or not? If so, what variable is?
Regards
German
Alcides Moreno
Dec 19, 2025, 12:51:04 AM12/19/25
to Wazuh | Mailing List
Hello German,
You can open Vulnerability Detection -> Inventory -> Available Fields and toggle the field named vulnerability.under_evaluation, which indicates true when there is no fix, and indicates false when there is a fix.
Best regards,
Alcides
German DiCasas
Dec 22, 2025, 11:13:58 AM12/22/25
to Wazuh | Mailing List
Good to know that..
Does the vulnerability take into account the structure on which Linux is installed? I mean, is it a Linux AWS, Linux Azure, etc.
Jose Camargo
Dec 22, 2025, 2:42:20 PM12/22/25
to Wazuh | Mailing List
Hi German,
It takes the distro into consideration but not where it is installed. It's the same Red Hat (for example) if deployed in AWS or Azure.
German DiCasas
Dec 23, 2025, 11:13:21 AM12/23/25
to Wazuh | Mailing List
I have a CVE that is CVE-2025-9086 over a
Ubuntu 22.04.5 LTS (Jammy Jellyfish). Wazuh 4.14.1 show
vulnerability.under_evaluation=false. But , the vendor have no fix for that CVE for now. So, I do not understand "
the field named vulnerability.under_evaluation, which indicates true when there is no fix, and indicates false when there is a fix. ". I added a image that show that cve
How can I filter if the fix exist or not? I would like to have a list of vulnerabilities that can be fixed and others that are still under review.
How can I filter if the fix exist or not? I would like to have a list of vulnerabilities that can be fixed and others that are still under review.
Regards,
German
German DiCasas
Dec 29, 2025, 2:58:29 PM12/29/25
to Wazuh | Mailing List
HI, there are any filter for that?
Regards
Regards
German
German DiCasas
Jan 13, 2026, 4:03:13 PM (yesterday) Jan 13
to Wazuh | Mailing List
Hi Jose, can you check it?
Let me know.
Regards
German
Reply all
Reply to author
Forward
0 new messages