Cve 2020-17008

Hi guys,

I was wandering is CVE 2020-17008 false positive? I’m using Greenbone Security Manager, Greenbone OS 6.0.10, and keep getting this vulnerability in current month (February 2021), and not getting CVE-2021-1648 vulnerability.

Microsoft initially planned to patch this vulnerability as part of its November and December 2020 Patch Tuesday releases under a CVE identifier of CVE-2020-17008. However, due to testing issues, it was pushed back to January 2021. Because it slipped into 2021, Microsoft scrapped CVE-2020-17008 and now identifies it as CVE-2021-1648.

Regards,

Hi Aleksandar,

What feed and platform do you use ?

If you are on a Microsoft Server, this vulnerabilities are no longer part of the Greenbone community feed. If you have purchased a Greenbone appliance including the Greenbone Security Feed, please open a support ticket to upgrade to GVM 20.08. Your installation is end of support by 01.01.2021 and the support helps you to upgrade.

I suggest you read our FAQ fist here:

Hi Lukas,

Thanks for your answer.
We have used Greenbone gsm-ce-6.0.10.iso file to deploy VM.
Feed is updated every two/three days. Latest update obtained 20210222
NVT - Greenbone Community Feed
SCAP - Greenbone Community SCAP Feed
CERT - Greenbone Community CERT Feed

Please upgrade to a supported OS first.

Thank you! Can you provide me with purchase dept email address, so I can get in touch with and help us purchase adequate license for our needs? We need vulnerability scanner only, not vulnerability management. Is there such license?

What are GSM 20.80.4 (current version) limitations? Number of host scanned? Time limit? …

Thanks for all you help and patience!

Hello all,

I am currently on the latest version of GVM (20.08) and I am also getting this. Community feeds are current as of today. This vulnerability test still appears to be in the feeds; the .nasl is:

“gb_ms_windows_kernel_elevation_of_privilege_vuln_dec20.nasl”

Thank you.

this vulnerabilities are no longer part of the Greenbone community feed

@Lukas Like edward2k6 posted above, I’m also experiencing the problem that the NVT in question still appears to be part of the community feed, contrary to what you’ve posted above. I’m also on GVM 20.08 (20.8.1), see:

/nvts filtered for ~1.3.6.1.4.1.25623.1.0.817567


Feed-Status

@Lukas, as both tgurr and edward2k6 have previously mentioned, This NVT is still appearing in the community feed whilst being potentially incorrect. Are there any updates on the matter or guidance as to correct this issue?

Hi,

you are right. This VT is still in the community feed and we are already looking after it. Currently there is no ETA.