Incorrect logic check for vulnerable OS
LalaNguyen opened this issue · comments
Minh Nguyen commented
Hi, the following code marks a patched OS as vulnerable and a vulnerable one as patched.
```csharp
// ...
if (supersedence.Intersect(installedKBs).Any())
{
    vulnerabilities.SetAsVulnerable(name);
}
// ...
```
The `supersedence` stores a list of known KBs for a particular CVE. The `installedKBs` stores a list of KBs extracted from the target machine. Since we are enumerating for missing KBs, if none of `installedKBs` is present in `supersedence`, the OS is considered vulnerable. I think the correct one is:
```csharp
// ...
if (!supersedence.Intersect(installedKBs).Any())
// ...
```
Bests.
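The inversion described above, shown as an added, self-contained example (not code from the project or from the issue author). It compares the negated check against the quoted buggy one on two constructed hosts; the class and method names, and the KB identifiers, are made up for illustration and do not refer to any real CVE or KB:

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Added example; KbCheckExample, IsVulnerable, IsVulnerableBuggy and all KB ids
// are constructed for this illustration and are not part of the project.
public static class KbCheckExample
{
    // A host is vulnerable to the CVE only when NONE of the KBs that fix it
    // (the "supersedence" list) is installed. Negating Intersect(...).Any()
    // expresses exactly that.
    public static bool IsVulnerable(IEnumerable<string> supersedence, IEnumerable<string> installedKBs)
    {
        // KB ids are compared case-insensitively so "kb1234567" and "KB1234567" match.
        return !supersedence.Intersect(installedKBs, StringComparer.OrdinalIgnoreCase).Any();
    }

    // The check as quoted in the issue, kept only to show it returns the
    // inverse of IsVulnerable for the same inputs.
    public static bool IsVulnerableBuggy(IEnumerable<string> supersedence, IEnumerable<string> installedKBs)
    {
        return supersedence.Intersect(installedKBs, StringComparer.OrdinalIgnoreCase).Any();
    }

    // Returns true when the negated check classifies both constructed hosts
    // correctly and the buggy check classifies both incorrectly.
    public static bool SelfCheck()
    {
        // Constructed: KBs that would patch a hypothetical CVE.
        var supersedence = new List<string> { "KB1111111", "KB2222222" };

        // Constructed: a host with one fixing KB installed (patched) and a host
        // with an unrelated KB only (still vulnerable).
        var patchedHost = new List<string> { "KB2222222", "KB9999999" };
        var unpatchedHost = new List<string> { "KB9999999" };

        bool fixedCorrect = !IsVulnerable(supersedence, patchedHost)
                            && IsVulnerable(supersedence, unpatchedHost);
        bool buggyInverted = IsVulnerableBuggy(supersedence, patchedHost)
                             && !IsVulnerableBuggy(supersedence, unpatchedHost);
        return fixedCorrect && buggyInverted;
    }

    public static void Main()
    {
        Console.WriteLine(SelfCheck()
            ? "negated check correct; original check inverts both hosts"
            : "unexpected result");
    }
}
```

`SelfCheck` is the regression test a reviewer would want alongside the one-character fix: it pins down both directions of the error (a patched host reported vulnerable, an unpatched host reported patched), so the inversion cannot reappear silently when new vulnerabilities are added.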
zoork11 commented
I thought I was stupid reading that code while adding a new vulnerability. Checked it and indeed it is doing the opposite of what is expected.