Test document
...
View file | ||||
---|---|---|---|---|
|
Pass (16/16 test cases)
Bluval Tests
Vuls
Nexus URL: https://nexus.akraino.org/content/sites/logs/fujitsu/job/robot-family/sses-vuls/
...
There are 23 CVEs with a CVSS score >= 9.0. These are exceptions requested here:
Release 5: Akraino CVE Vulnerability Exception Request
CVE-ID | CVSS | NVD | Fix/Notes | PACKAGES |
CVE-2016-1585 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2016-1585 | No fix available | apparmor |
CVE-2017-18201 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2017-18201 | No fix available | libcdio17 |
CVE-2017-7827 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2017-7827 | No fix available | libmozjs-52-0 |
CVE-2018-5090 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2018-5090 | Reported fixed in 58 and later version (installed), but still reported by Vuls | libmozjs-52-0 |
CVE-2018-5126 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2018-5126 | Reported fixed in 58 and later version (installed), but still reported by Vuls | libmozjs-52-0 |
CVE-2018-5145 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2018-5145 | Reported fixed in 1:52.7.0 and later version (installed), but still reported by Vuls | libmozjs-52-0 |
CVE-2018-5151 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2018-5151 | Reported fixed in 60 and later version (installed), but still reported by Vuls | libmozjs-52-0 |
CVE-2019-17041 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-17041 | No fix available | rsyslog |
CVE-2019-17042 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-17042 | No fix available | rsyslog |
CVE-2021-31870 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-31870 | No fix available | klibc-utils, libklibc |
CVE-2021-31872 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-31872 | No fix available | klibc-utils, libklibc |
CVE-2021-31873 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-31873 | No fix available | klibc-utils, libklibc |
CVE-2021-39713 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-39713 | No fix available | linux-image-5.4.0-1055-raspi |
CVE-2022-22822 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-22822 | install firefox 99.0+build2-0ubuntu0.18.04.2 > 98(fix version) | firefox |
CVE-2022-22823 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-22823 | install firefox 99.0+build2-0ubuntu0.18.04.2 > 98(fix version) | firefox |
CVE-2022-22824 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-22824 | install firefox 99.0+build2-0ubuntu0.18.04.2 > 98(fix version) | firefox |
CVE-2022-23852 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-23852 | No fix available | firefox, thunderbird |
CVE-2022-23990 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-23990 | No fix available | firefox, thunderbird |
CVE-2022-25235 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-25235 | No fix available | firefox, thunderbird |
CVE-2022-25236 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-25236 | No fix available | firefox, thunderbird |
CVE-2022-25315 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-25315 | No fix available | firefox, thunderbird |
CVE-2016-9180 | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2016-9180 | No fix available | libxml-twig-perl |
CVE-2019-20433 | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2019-20433 | No fix available | aspell |
...
There are 30 CVEs with a CVSS score >= 9.0. These are exceptions requested here:
Release 5: Akraino CVE Vulnerability Exception Request
CVE-ID | CVSS | NVD | Fix/Notes | PACKAGES |
CVE-2005-2541 | 10.0 | https://nvd.nist.gov/vuln/detail/CVE-2005-2541 | No fix available | tar |
CVE-2014-2830 | 10.0 | https://nvd.nist.gov/vuln/detail/CVE-2014-2830 | No fix available | cifs-utils |
CVE-2016-1585 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2016-1585 | No fix available | libapparmor1 |
CVE-2017-17479 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2017-17479 | No fix available | libopenjp2-7 |
CVE-2017-9117 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2017-9117 | No fix available | libtiff5 |
CVE-2018-13410 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2018-13410 | No fix available | zip |
CVE-2019-1010022 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-1010022 | No fix available | libc-bin, libc-dev-bin, libc-devtools, libc-l10n, libc6, libc6-dbg, libc6-dev, locales |
CVE-2019-8341 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2019-8341 | No fix available | python3-jinja2 |
CVE-2020-27619 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2020-27619 | No fix available | python3.9 |
CVE-2021-29462 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-29462 | No fix available | libixml10, libupnp13 |
CVE-2021-29921 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-29921 | Reported fixed in python3.9 (installed), but still reported by Vuls | python3.9 |
CVE-2021-30473 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-30473 | No fix available | libaom0 |
CVE-2021-30474 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-30474 | No fix available | libaom0 |
CVE-2021-30475 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-30475 | No fix available | libaom0 |
CVE-2021-30498 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-30498 | No fix available | libcaca0 |
CVE-2021-30499 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-30499 | No fix available | libcaca0 |
CVE-2021-3756 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-3756 | install libmysofa 1.2.1 | libmysofa1 |
CVE-2021-42377 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-42377 | No fix available | busybox |
CVE-2021-45951 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-45951 | No fix available | dnsmasq |
CVE-2021-45952 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-45952 | No fix available | dnsmasq |
CVE-2021-45953 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-45953 | No fix available | dnsmasq |
CVE-2021-45954 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-45954 | No fix available | dnsmasq |
CVE-2021-45955 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-45955 | No fix available | dnsmasq |
CVE-2021-45956 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2021-45956 | No fix available | dnsmasq |
CVE-2022-0318 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-0318 | unistall vim | vim |
CVE-2022-23303 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-23303 | No fix available | hostapd, wpasupplicant |
CVE-2022-23304 | 9.8 | https://nvd.nist.gov/vuln/detail/CVE-2022-23304 | No fix available | hostapd, wpasupplicant |
CVE-2021-22945 | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2021-22945 | unistall curl | curl |
CVE-2021-4048 | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2021-4048 | No fix available | libblas3, liblapack3 |
CVE-2021-43400 | 9.1 | https://nvd.nist.gov/vuln/detail/CVE-2021-43400 | No fix available | bluez |
...
The initial results compare with the Lynis Incubation: PASS/FAIL Criteria, v1.0 as follows.
IoT Gateway
The Lynis Program Update test MUST pass with no errors.
Code Block |
---|
2022-03-29 22:55:42 Test: Checking for program update... 2022-03-29 22:55:43 Current installed version : 308 2022-03-29 22:55:43 Latest stable version : 307 2022-03-29 22:55:43 No Lynis update available. |
...
Fix: Download and run the latest Lynis directly on SUT.
Steps To Implement Security Scan Requirements#InstallandExecute
The following list of tests MUST complete as passing
...
PC/Server for robot control
The Lynis Program Update test MUST pass with no errors.
Code Block |
---|
2022-03-23 05:13:56 Test: Checking for program update... 2022-03-23 05:14:03 Current installed version : 308 2022-03-23 05:14:03 Latest stable version : 307 2022-03-23 05:14:03 No Lynis update available |
...
Fix: Download and run the latest Lynis directly on SUT.
Steps To Implement Security Scan Requirements#InstallandExecute
The following list of tests MUST complete as passing
...