CVE/IP Exception list #59

@jvolt

Hello, this is a feature request.

Is it possible to add some kind of exception list?
I have been using Flan for scanning a bunch of servers, but there are many false-positive results, i.e.:

Flan reports the following:
OpenSSH 7.4 (cpe:/a:openbsd:openssh:7.4)
CVE-2017-15906 Medium (5.0)
Summary:The process open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

But Red Hat says this server isn't affected ( https://access.redhat.com/security/cve/cve-2019-16905 ).

So, it would be nice if there was an exception list. Adding that server IP and CVE code to an exception list would avoid reporting that false-positive again.
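
One way a per-host CVE exception list like the one requested above could be applied to scan findings, as an added example that is not part of the original issue and is not Flan's own code. The exception-file syntax, the `expires=` field and the shape of the finding records are assumptions made for illustration; the addresses are constructed documentation-range values.

```python
import ipaddress
import re
from datetime import date

CVE_RE = re.compile(r"^CVE-\d{4}-\d{4,}$")

def parse_exceptions(text):
    """Parse '<ip-or-cidr> <CVE-id> [expires=YYYY-MM-DD]  # reason' lines (hypothetical format)."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue  # blank or comment-only line
        if len(fields) < 2 or not CVE_RE.match(fields[1].upper()):
            raise ValueError(f"line {lineno}: expected '<ip-or-cidr> <CVE-id>'")
        expires = None
        for extra in fields[2:]:
            key, _, value = extra.partition("=")
            if key != "expires":
                raise ValueError(f"line {lineno}: unknown field {extra!r}")
            expires = date.fromisoformat(value)
        rules.append({"net": ipaddress.ip_network(fields[0], strict=False),
                      "cve": fields[1].upper(), "expires": expires, "hits": 0})
    return rules

def apply_exceptions(findings, rules, today):
    """Return (reported, suppressed); an expired rule never suppresses."""
    reported, suppressed = [], []
    for finding in findings:
        addr = ipaddress.ip_address(finding["ip"])
        rule = next((r for r in rules
                     if r["cve"] == finding["cve"].upper() and addr in r["net"]
                     and (r["expires"] is None or r["expires"] >= today)), None)
        if rule is None:
            reported.append(finding)
        else:
            rule["hits"] += 1  # lets a reviewer spot rules that no longer match
            suppressed.append(finding)
    return reported, suppressed

# Constructed sample data; the record layout is an assumption, not Flan output.
EXCEPTIONS = """
192.0.2.10       CVE-2017-15906 expires=2030-01-01  # vendor states package not affected
198.51.100.0/24  CVE-2017-15906 expires=2020-01-01  # lapsed, needs re-review
"""
FINDINGS = [{"ip": "192.0.2.10", "cve": "CVE-2017-15906"},
            {"ip": "192.0.2.11", "cve": "CVE-2017-15906"},
            {"ip": "198.51.100.7", "cve": "CVE-2017-15906"}]

if __name__ == "__main__":
    reported, suppressed = apply_exceptions(FINDINGS, parse_exceptions(EXCEPTIONS), date.today())
    print("reported:", reported, "suppressed:", suppressed)
```

Keying each rule on both address and CVE, with an expiry, keeps a suppression from hiding the same CVE on other hosts or outliving the vendor statement it was based on.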
