Report generated on 04-Apr-2024 at 15:06:12 by pytest-html v3.1.1
14 tests ran in 1972.49 seconds.
(Un)check the boxes to filter the results.
11 passed, 0 skipped, 3 failed, 0 errors, 0 expected failures, 0 unexpected passes| Tests | Failed | Success | XFail | Error |
|---|---|---|---|---|
| test_vulnerability_detector/test_vulnerability_detector.py | 3 | 11 | 0 | 0 |
| Result | Time | Test | Description | Duration | Markers | Links | Tier |
|---|---|---|---|---|---|---|---|
| No results found. Try to check the filters | |||||||
| Failed | test_vulnerability_detector/test_vulnerability_detector.py::TestScanSyscollectorCases::test_vulnerability_detector_scans_cases[upgrade_package_maintain_vulnerability] | 240.10 | Test arguments test_vulnerability_detector_scans_cases[upgrade_package_maintain_vulnerability].log agent1_ossec.log manager1_ossec.log | ||||
Test function detailsExtended SummaryParametersself = <test_vulnerability_detector.TestScanSyscollectorCases object at 0x76b6ac8e52a0>, setup_vulnerability_tests = '2024-04-04T12:35:30Z' request = <FixtureRequest for <Function test_vulnerability_detector_scans_cases[upgrade_package_maintain_vulnerability]>> preconditions = {'tasks': [{'check': {'alerts': True, 'state_index': True}, 'operation': 'install_package', 'package': {'centos': {'am...: 'http-proxy-0.5.9'}, 'ubuntu': {'amd64': 'mysql-5.5.20'}, 'windows': {'amd64': 'node-v17.0.1'}}, 'target': 'agent'}]} body = {'tasks': [{'check': {'alerts': True, 'state_index': True}, 'operation': 'update_package', 'package': {'from': {'cento...'http-proxy-0.5.10'}, 'ubuntu': {'amd64': 'mysql-5.5.21'}, 'windows': {'amd64': 'node-v17.1.0'}}}, 'target': 'agent'}]} teardown = None setup = {'agent1': {'checks': {'all_successfull': True}, 'evidences': {'alerts_found': [], 'alerts_found_unexpected': [], 'ale...'_id': '8J4kqY4BIFEqiUZiohWR', '_index': 'wazuh-alerts-4.x-2024.04.04', '_score': 3.541077, '_source': {...}}]}, ...}}} host_manager = <wazuh_testing.tools.system.HostManager object at 0x76b6ac8e6890> get_results = {'setup': {'agent1': {'checks': {'all_successfull': True}, 'evidences': {'alerts_found': [], 'alerts_found_unexpected'...alerts_not_found_from': [{'CVE': 'CVE-2017-16014', 'PACKAGE_NAME': 'http-proxy', 'PACKAGE_VERSION': '0.5.10'}], ...}}}} @pytest.mark.parametrize('preconditions, body, teardown', complete_list, ids=list_ids) def test_vulnerability_detector_scans_cases(self, setup_vulnerability_tests, request, preconditions, body, teardown, setup, host_manager, get_results): test_name = request.node.name setup_results = setup results = get_results results[request.node.name] = {} results['setup'] = setup_results hosts_to_ignore = [] for host in setup_results.keys(): if setup_results[host]['checks']['all_successfull'] is False: hosts_to_ignore.append(host) if len(hosts_to_ignore) > 0: logger.critical(f"Setup test failed for hosts {hosts_to_ignore}. Check logs for more information") logger.critical(f"Evidences: {setup_results}") logger.critical("Ignoring these hosts for the rest of the test") logger.critical("Starting scan cases tests") logger.critical(f"Case Info: {body}") # Launch tests tasks test_result = launch_parallel_operations(body['tasks'], host_manager, hosts_to_ignore) success_for_all_agents = True for host in test_result.keys(): if test_result[host]['checks']['all_successfull'] is False: success_for_all_agents = False logger.critical(f"Test failed for host {host}. Check logs for more information") logger.critical(f"Evidences: {test_result[host]['evidences']}") results[test_name]['evidences'] = {} for agent in test_result.keys(): if 'evidences' in test_result[agent]: for evidence, evidence_values in test_result[agent]['evidences'].items(): results[test_name]['evidences'][str(agent)+str(evidence)] = evidence_values if 'evidences' in test_result: results[test_name]['evidences'] = test_result['evidences'] results[test_name] = test_result logger.critical("Final Results") > assert success_for_all_agents is True, "Test failed. Check logs for more information" E AssertionError: Test failed. Check logs for more information E assert False is True end_to_end/test_vulnerability_detector/test_vulnerability_detector.py:639: AssertionError -------------------------------Captured log call-------------------------------- CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:611 Starting scan cases tests CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:612 Case Info: {'tasks': [{'operation': 'update_package', 'target': 'agent', 'check': {'alerts': True, 'state_index': True}, 'package': {'from': {'centos': {'amd64': 'openjdk-1.6.0'}, 'ubuntu': {'amd64': 'mysql-5.5.20'}, 'windows': {'amd64': 'node-v17.0.1'}, 'macos': {'amd64': 'http-proxy-0.5.10', 'arm64v8': 'http-proxy-0.5.10'}}, 'to': {'centos': {'amd64': 'openjdk-1.7.0'}, 'ubuntu': {'amd64': 'mysql-5.5.21'}, 'windows': {'amd64': 'node-v17.1.0'}, 'macos': {'amd64': 'http-proxy-0.5.10', 'arm64v8': 'http-proxy-0.5.10'}}}}]} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:622 Test failed for host agent1. Check logs for more information CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:623 Evidences: {'alerts_not_found_from': [{'CVE': 'CVE-2017-16014', 'PACKAGE_NAME': 'http-proxy', 'PACKAGE_VERSION': '0.5.10'}], 'alerts_found_from': [], 'alerts_found': [], 'states_found': [], 'alerts_found_unexpected': [], 'states_found_unexpected': [], 'all_alerts_found': {'agent1': [{'_index': 'wazuh-alerts-4.x-2024.04.04', '_id': '8Z4mqY4BIFEqiUZiihXi', '_score': 3.5168583, '_source': {'cluster': {'node': 'master', 'name': 'wazuh'}, 'agent': {'ip': '192.168.64.13', 'name': 'agent1', 'id': '002'}, 'manager': {'name': 'ip-172-31-6-78'}, 'data': {'vulnerability': {'severity': 'Medium', 'package': {'condition': 'Package less than 0.7.0', 'name': 'http-proxy', 'source': ' ', 'version': '0.5.10', 'architecture': ' '}, 'assigner': 'hackerone', 'cwe_reference': 'CWE-388', 'published': '2018-06-04T19:29:00Z', 'title': 'CVE-2017-16014 affects http-proxy', 'type': 'Packages', 'rationale': 'Http-proxy is a proxying library. Because of the way errors are handled in versions before 0.7.0, an attacker that forces an error can crash the server, causing a denial of service.', 'reference': 'https://github.com/nodejitsu/node-http-proxy/pull/101, https://nodesecurity.io/advisories/323', 'cve': 'CVE-2017-16014', 'enumeration': 'CVE', 'cvss': {'cvss2': {'base_score': '5', 'vector': {'integrity_impact': 'NONE', 'availability': 'PARTIAL', 'confidentiality_impact': 'NONE', 'access_complexity': 'LOW', 'authentication': 'NONE'}}}, 'updated': '2019-10-09T23:24:36Z', 'status': 'Active'}}, 'rule': {'firedtimes': 3, 'mail': False, 'level': 7, 'pci_dss': ['11.2.1', '11.2.3'], 'tsc': ['CC7.1', 'CC7.2'], 'description': 'CVE-2017-16014 affects http-proxy', 'groups': ['vulnerability-detector'], 'id': '23504', 'gdpr': ['IV_35.7.d']}, 'decoder': {'name': 'json'}, 'input': {'type': 'log'}, '@timestamp': '2024-04-04T12:47:32.641Z', 'location': 'vulnerability-detector', 'id': '1712234852.1489459', 'timestamp': '2024-04-04T12:47:32.641+0000'}}]}, 'all_alerts_found_mitigated': {'agent1': [{'_index': 'wazuh-alerts-4.x-2024.04.04', '_id': '8p4mqY4BIFEqiUZiihXi', '_score': 3.6886542, '_source': {'cluster': {'node': 'master', 'name': 'wazuh'}, 'agent': {'ip': '192.168.64.13', 'name': 'agent1', 'id': '002'}, 'manager': {'name': 'ip-172-31-6-78'}, 'data': {'vulnerability': {'reference': 'https://github.com/nodejitsu/node-http-proxy/pull/101, https://nodesecurity.io/advisories/323', 'severity': 'Medium', 'cve': 'CVE-2017-16014', 'package': {'name': 'http-proxy', 'version': '0.5.9', 'architecture': ' '}, 'published': '2018-06-04T19:29:00Z', 'enumeration': 'CVE', 'title': 'CVE-2017-16014 affecting http-proxy was solved', 'type': 'Packages', 'cvss': {'cvss2': {'base_score': '5'}}, 'updated': '2019-10-09T23:24:36Z', 'status': 'Solved'}}, 'rule': {'firedtimes': 2, 'mail': False, 'level': 3, 'pci_dss': ['11.2.1', '11.2.3'], 'tsc': ['CC7.1', 'CC7.2'], 'description': 'The CVE-2017-16014 that affected http-proxy was solved due to a package removal/update or a system upgrade', 'groups': ['vulnerability-detector'], 'id': '23502', 'gdpr': ['IV_35.7.d']}, 'decoder': {'name': 'json'}, 'input': {'type': 'log'}, '@timestamp': '2024-04-04T12:47:32.753Z', 'location': 'vulnerability-detector', 'id': '1712234852.1491801', 'timestamp': '2024-04-04T12:47:32.753+0000'}}]}, 'all_states_found': {'agent1': [{'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_3fedc89a0b556466b1e0cf7ffed4ecac273ec0ff_CVE-2017-16014', '_score': 2.3531787, '_source': {'@timestamp': '2024-04-04T12:47:32.641Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'package': {'description': 'A full-featured http reverse proxy for node.js', 'name': 'http-proxy', 'path': '/usr/local/lib/node_modules/http-proxy/package.json', 'size': 0, 'type': 'npm', 'version': '0.5.10'}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Http-proxy is a proxying library. Because of the way errors are handled in versions before 0.7.0, an attacker that forces an error can crash the server, causing a denial of service.', 'enumeration': 'CVE', 'id': 'CVE-2017-16014', 'reference': 'https://github.com/nodejitsu/node-http-proxy/pull/101, https://nodesecurity.io/advisories/323', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.0, 'version': '2.0'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}}]}, 'states_found_unexpected_from': []} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:637 Final Results | |||||||
| Failed | test_vulnerability_detector/test_vulnerability_detector.py::TestScanSyscollectorCases::test_vulnerability_detector_scans_cases[upgrade_package_maintain_add_vulnerability0] | 118.81 | Test arguments agent1_ossec.log test_vulnerability_detector_scans_cases[upgrade_package_maintain_add_vulnerability0].log manager1_ossec.log | ||||
Test function detailsExtended SummaryParametersself = <test_vulnerability_detector.TestScanSyscollectorCases object at 0x76b6ac8e5330>, setup_vulnerability_tests = '2024-04-04T12:35:30Z' request = <FixtureRequest for <Function test_vulnerability_detector_scans_cases[upgrade_package_maintain_add_vulnerability0]>>, preconditions = None body = {'tasks': [{'check': {'alerts': True, 'state_index': True}, 'operation': 'update_package', 'package': {'from': {'cento...minformation-5.0.0'}, 'ubuntu': {'amd64': 'mysql-5.5.19'}, 'windows': {'amd64': 'node-v18.0.0'}}}, 'target': 'agent'}]} teardown = None, setup = {}, host_manager = <wazuh_testing.tools.system.HostManager object at 0x76b6ac8e6890> get_results = {'setup': {}, 'test_vulnerability_detector_scans_cases[install_package]': {'agent1': {'checks': {'all_successfull': Tr...'4.34.23'}, {'CVE': 'CVE-2021-21315', 'PACKAGE_NAME': 'systeminformation', 'PACKAGE_VERSION': '4.34.23'}], ...}}}, ...} @pytest.mark.parametrize('preconditions, body, teardown', complete_list, ids=list_ids) def test_vulnerability_detector_scans_cases(self, setup_vulnerability_tests, request, preconditions, body, teardown, setup, host_manager, get_results): test_name = request.node.name setup_results = setup results = get_results results[request.node.name] = {} results['setup'] = setup_results hosts_to_ignore = [] for host in setup_results.keys(): if setup_results[host]['checks']['all_successfull'] is False: hosts_to_ignore.append(host) if len(hosts_to_ignore) > 0: logger.critical(f"Setup test failed for hosts {hosts_to_ignore}. Check logs for more information") logger.critical(f"Evidences: {setup_results}") logger.critical("Ignoring these hosts for the rest of the test") logger.critical("Starting scan cases tests") logger.critical(f"Case Info: {body}") # Launch tests tasks test_result = launch_parallel_operations(body['tasks'], host_manager, hosts_to_ignore) success_for_all_agents = True for host in test_result.keys(): if test_result[host]['checks']['all_successfull'] is False: success_for_all_agents = False logger.critical(f"Test failed for host {host}. Check logs for more information") logger.critical(f"Evidences: {test_result[host]['evidences']}") results[test_name]['evidences'] = {} for agent in test_result.keys(): if 'evidences' in test_result[agent]: for evidence, evidence_values in test_result[agent]['evidences'].items(): results[test_name]['evidences'][str(agent)+str(evidence)] = evidence_values if 'evidences' in test_result: results[test_name]['evidences'] = test_result['evidences'] results[test_name] = test_result logger.critical("Final Results") > assert success_for_all_agents is True, "Test failed. Check logs for more information" E AssertionError: Test failed. Check logs for more information E assert False is True end_to_end/test_vulnerability_detector/test_vulnerability_detector.py:639: AssertionError -------------------------------Captured log call-------------------------------- CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:611 Starting scan cases tests CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:612 Case Info: {'tasks': [{'operation': 'update_package', 'target': 'agent', 'check': {'alerts': True, 'state_index': True}, 'package': {'from': {'centos': {'amd64': 'openjdk-1.6.0'}, 'ubuntu': {'amd64': 'mysql-5.5.18'}, 'windows': {'amd64': 'node-v17.1.0'}, 'macos': {'amd64': 'systeminformation-4.34.23', 'arm64v8': 'systeminformation-4.34.23'}}, 'to': {'centos': {'amd64': 'openjdk-1.7.0'}, 'ubuntu': {'amd64': 'mysql-5.5.19'}, 'windows': {'amd64': 'node-v18.0.0'}, 'macos': {'amd64': 'systeminformation-5.0.0', 'arm64v8': 'systeminformation-5.0.0'}}}}]} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:622 Test failed for host agent1. Check logs for more information CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:623 Evidences: {'alerts_not_found_from': [{'CVE': 'CVE-2021-21388', 'PACKAGE_NAME': 'systeminformation', 'PACKAGE_VERSION': '4.34.23'}, {'CVE': 'CVE-2021-21315', 'PACKAGE_NAME': 'systeminformation', 'PACKAGE_VERSION': '4.34.23'}], 'alerts_found_from': [], 'alerts_found': [], 'states_found': [], 'alerts_found_unexpected': [], 'states_found_unexpected': [], 'all_alerts_found': {'agent1': [{'_index': 'wazuh-alerts-4.x-2024.04.04', '_id': '-Z4oqY4BIFEqiUZicxUn', '_score': 3.4480927, '_source': {'cluster': {'node': 'master', 'name': 'wazuh'}, 'agent': {'ip': '192.168.64.13', 'name': 'agent1', 'id': '002'}, 'manager': {'name': 'ip-172-31-6-78'}, 'data': {'vulnerability': {'severity': 'High', 'package': {'condition': 'Package less than 5.6.4', 'name': 'systeminformation', 'source': 'https://systeminformation.io', 'version': '5.0.0', 'architecture': ' '}, 'assigner': 'GitHub_M', 'cwe_reference': 'CWE-20', 'published': '2021-04-29T18:15:09Z', 'title': 'CVE-2021-21388 affects systeminformation', 'type': 'Packages', 'rationale': 'systeminformation is an open source system and OS information library for node.js. A command injection vulnerability has been discovered in versions of systeminformation prior to 5.6.4. The issue has been fixed with a parameter check on user input. Please upgrade to version >= 5.6.4. If you cannot upgrade, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() and other commands. Only allow strings, reject any arrays. String sanitation works as expected.', 'reference': 'https://github.com/sebhildebrandt/systeminformation/commit/01ef56cd5824ed6da1c11b37013a027fdef67524, https://github.com/sebhildebrandt/systeminformation/commit/0be6fcd575c05687d1076d5cd6d75af2ebae5a46, https://github.com/sebhildebrandt/systeminformation/commit/7922366d707de7f20995fc8e30ac3153636bf35f, https://www.npmjs.com/package/systeminformation, https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-jff2-qjw8-5476', 'cve': 'CVE-2021-21388', 'enumeration': 'CVE', 'cvss': {'cvss2': {'base_score': '7.500000', 'vector': {'integrity_impact': 'PARTIAL', 'availability': 'PARTIAL', 'confidentiality_impact': 'PARTIAL', 'access_complexity': 'LOW', 'authentication': 'NONE'}}}, 'updated': '2021-05-05T20:31:16Z', 'status': 'Active'}}, 'rule': {'firedtimes': 1, 'mail': False, 'level': 10, 'pci_dss': ['11.2.1', '11.2.3'], 'tsc': ['CC7.1', 'CC7.2'], 'description': 'CVE-2021-21388 affects systeminformation', 'groups': ['vulnerability-detector'], 'id': '23505', 'gdpr': ['IV_35.7.d']}, 'decoder': {'name': 'json'}, 'input': {'type': 'log'}, '@timestamp': '2024-04-04T12:49:37.667Z', 'location': 'vulnerability-detector', 'id': '1712234977.1496140', 'timestamp': '2024-04-04T12:49:37.667+0000'}}, {'_index': 'wazuh-alerts-4.x-2024.04.04', '_id': '-p4oqY4BIFEqiUZicxUn', '_score': 3.4480927, '_source': {'cluster': {'node': 'master', 'name': 'wazuh'}, 'agent': {'ip': '192.168.64.13', 'name': 'agent1', 'id': '002'}, 'manager': {'name': 'ip-172-31-6-78'}, 'data': {'vulnerability': {'severity': 'Critical', 'package': {'condition': 'Package less than 5.21.7', 'name': 'systeminformation', 'source': 'https://systeminformation.io', 'version': '5.0.0', 'architecture': ' '}, 'assigner': 'GitHub_M', 'cwe_reference': 'CWE-77', 'published': '2023-09-21T18:15:12Z', 'title': 'CVE-2023-42810 affects systeminformation', 'type': 'Packages', 'rationale': 'systeminformation is a System Information Library for Node.JS. Versions 5.0.0 through 5.21.6 have a SSID Command Injection Vulnerability. The problem was fixed with a parameter check in version 5.21.7. As a workaround, check or sanitize parameter strings that are passed to `wifiConnections()`, `wifiNetworks()` (string only).', 'reference': 'https://github.com/sebhildebrandt/systeminformation/commit/7972565812ccb2a610a22911c54c3446f4171392, https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-gx6r-qc2v-3p3v, https://systeminformation.io/security.html', 'cve': 'CVE-2023-42810', 'enumeration': 'CVE', 'cvss': {'cvss3': {'base_score': '9.800000', 'vector': {'user_interaction': 'NONE', 'integrity_impact': 'HIGH', 'scope': 'UNCHANGED', 'availability': 'HIGH', 'confidentiality_impact': 'HIGH', 'privileges_required': 'NONE'}}}, 'updated': '2023-09-23T03:38:14Z', 'status': 'Active'}}, 'rule': {'firedtimes': 1, 'mail': True, 'level': 13, 'pci_dss': ['11.2.1', '11.2.3'], 'tsc': ['CC7.1', 'CC7.2'], 'description': 'CVE-2023-42810 affects systeminformation', 'groups': ['vulnerability-detector'], 'id': '23506', 'gdpr': ['IV_35.7.d']}, 'decoder': {'name': 'json'}, 'input': {'type': 'log'}, '@timestamp': '2024-04-04T12:49:37.677Z', 'location': 'vulnerability-detector', 'id': '1712234977.1499999', 'timestamp': '2024-04-04T12:49:37.677+0000'}}, {'_index': 'wazuh-alerts-4.x-2024.04.04', '_id': '-54oqY4BIFEqiUZicxUn', '_score': 3.4480927, '_source': {'cluster': {'node': 'master', 'name': 'wazuh'}, 'agent': {'ip': '192.168.64.13', 'name': 'agent1', 'id': '002'}, 'manager': {'name': 'ip-172-31-6-78'}, 'data': {'vulnerability': {'severity': 'Medium', 'package': {'condition': 'Package less than 5.3.1', 'name': 'systeminformation', 'source': 'https://systeminformation.io', 'version': '5.0.0', 'architecture': ' '}, 'assigner': 'GitHub_M', 'cwe_reference': 'CWE-78', 'published': '2021-02-16T17:15:13Z', 'title': 'CVE-2021-21315 affects systeminformation', 'type': 'Packages', 'rationale': 'The System Information Library for Node.JS (npm package "systeminformation") is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected.', 'reference': 'https://github.com/sebhildebrandt/systeminformation/commit/07daa05fb06f24f96297abaa30c2ace8bfd8b525, https://www.npmjs.com/package/systeminformation, https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-2m8v-572m-ff2v, https://security.netapp.com/advisory/ntap-20210312-0007/, https://lists.apache.org/thread.html/r8afea9a83ed568f2647cccc6d8d06126f9815715ddf9a4d479b26b05%40%3Cissues.cordova.apache.org%3E', 'cve': 'CVE-2021-21315', 'enumeration': 'CVE', 'cvss': {'cvss2': {'base_score': '4.600000', 'vector': {'integrity_impact': 'PARTIAL', 'availability': 'PARTIAL', 'confidentiality_impact': 'PARTIAL', 'access_complexity': 'LOW', 'authentication': 'NONE'}}}, 'updated': '2023-11-07T03:29:47Z', 'status': 'Active'}}, 'rule': {'firedtimes': 4, 'mail': False, 'level': 7, 'pci_dss': ['11.2.1', '11.2.3'], 'tsc': ['CC7.1', 'CC7.2'], 'description': 'CVE-2021-21315 affects systeminformation', 'groups': ['vulnerability-detector'], 'id': '23504', 'gdpr': ['IV_35.7.d']}, 'decoder': {'name': 'json'}, 'input': {'type': 'log'}, '@timestamp': '2024-04-04T12:49:37.687Z', 'location': 'vulnerability-detector', 'id': '1712234977.1503112', 'timestamp': '2024-04-04T12:49:37.687+0000'}}]}, 'all_alerts_found_mitigated': {'agent1': []}, 'all_states_found': {'agent1': [{'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_30605df5c0aaf5dd7dd9f5c2fef776b26a889956_CVE-2023-42810', '_score': 2.338861, '_source': {'@timestamp': '2024-04-04T12:49:37.666Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'package': {'description': 'Simple system and OS information library', 'name': 'systeminformation', 'path': '/usr/local/lib/node_modules/systeminformation/package.json', 'size': 0, 'type': 'npm', 'version': '5.0.0'}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'systeminformation is a System Information Library for Node.JS. Versions 5.0.0 through 5.21.6 have a SSID Command Injection Vulnerability. The problem was fixed with a parameter check in version 5.21.7. As a workaround, check or sanitize parameter strings that are passed to `wifiConnections()`, `wifiNetworks()` (string only).', 'enumeration': 'CVE', 'id': 'CVE-2023-42810', 'reference': 'https://github.com/sebhildebrandt/systeminformation/commit/7972565812ccb2a610a22911c54c3446f4171392, https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-gx6r-qc2v-3p3v, https://systeminformation.io/security.html', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 9.8, 'version': '3.1'}, 'severity': 'Critical'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}}, {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_30605df5c0aaf5dd7dd9f5c2fef776b26a889956_CVE-2021-21315', '_score': 2.338861, '_source': {'@timestamp': '2024-04-04T12:49:37.666Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'package': {'description': 'Simple system and OS information library', 'name': 'systeminformation', 'path': '/usr/local/lib/node_modules/systeminformation/package.json', 'size': 0, 'type': 'npm', 'version': '5.0.0'}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The System Information Library for Node.JS (npm package "systeminformation") is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected.', 'enumeration': 'CVE', 'id': 'CVE-2021-21315', 'reference': 'https://github.com/sebhildebrandt/systeminformation/commit/07daa05fb06f24f96297abaa30c2ace8bfd8b525, https://www.npmjs.com/package/systeminformation, https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-2m8v-572m-ff2v, https://security.netapp.com/advisory/ntap-20210312-0007/, https://lists.apache.org/thread.html/r8afea9a83ed568f2647cccc6d8d06126f9815715ddf9a4d479b26b05%40%3Cissues.cordova.apache.org%3E', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.6, 'version': '2.0'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}}, {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_30605df5c0aaf5dd7dd9f5c2fef776b26a889956_CVE-2021-21388', '_score': 2.338861, '_source': {'@timestamp': '2024-04-04T12:49:37.666Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'package': {'description': 'Simple system and OS information library', 'name': 'systeminformation', 'path': '/usr/local/lib/node_modules/systeminformation/package.json', 'size': 0, 'type': 'npm', 'version': '5.0.0'}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'systeminformation is an open source system and OS information library for node.js. A command injection vulnerability has been discovered in versions of systeminformation prior to 5.6.4. The issue has been fixed with a parameter check on user input. Please upgrade to version >= 5.6.4. If you cannot upgrade, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() and other commands. Only allow strings, reject any arrays. String sanitation works as expected.', 'enumeration': 'CVE', 'id': 'CVE-2021-21388', 'reference': 'https://github.com/sebhildebrandt/systeminformation/commit/01ef56cd5824ed6da1c11b37013a027fdef67524, https://github.com/sebhildebrandt/systeminformation/commit/0be6fcd575c05687d1076d5cd6d75af2ebae5a46, https://github.com/sebhildebrandt/systeminformation/commit/7922366d707de7f20995fc8e30ac3153636bf35f, https://www.npmjs.com/package/systeminformation, https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-jff2-qjw8-5476', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.5, 'version': '2.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}}]}, 'states_found_unexpected_from': [{'agent': 'agent1', 'cve': 'CVE-2021-21388', 'package_name': 'systeminformation', 'package_version': '4.34.23'}, {'agent': 'agent1', 'cve': 'CVE-2021-21315', 'package_name': 'systeminformation', 'package_version': '4.34.23'}]} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:637 Final Results | |||||||
| Failed | test_vulnerability_detector/test_vulnerability_detector.py::TestScanSyscollectorCases::test_vulnerability_detector_scans_cases[upgrade_package_maintain_add_vulnerability1] | 118.44 | Test arguments test_vulnerability_detector_scans_cases[upgrade_package_maintain_add_vulnerability1].log agent1_ossec.log manager1_ossec.log | ||||
Test function detailsExtended SummaryParametersself = <test_vulnerability_detector.TestScanSyscollectorCases object at 0x76b6ac8e5210>, setup_vulnerability_tests = '2024-04-04T12:35:30Z' request = <FixtureRequest for <Function test_vulnerability_detector_scans_cases[upgrade_package_maintain_add_vulnerability1]>>, preconditions = None body = {'tasks': [{'check': {'alerts': True, 'state_index': True}, 'operation': 'update_package', 'package': {'from': {'cento...minformation-5.0.0'}, 'ubuntu': {'amd64': 'mysql-5.5.19'}, 'windows': {'amd64': 'node-v18.1.0'}}}, 'target': 'agent'}]} teardown = None, setup = {}, host_manager = <wazuh_testing.tools.system.HostManager object at 0x76b6ac8e6890> get_results = {'setup': {}, 'test_vulnerability_detector_scans_cases[install_package]': {'agent1': {'checks': {'all_successfull': Tr...'4.34.23'}, {'CVE': 'CVE-2021-21315', 'PACKAGE_NAME': 'systeminformation', 'PACKAGE_VERSION': '4.34.23'}], ...}}}, ...} @pytest.mark.parametrize('preconditions, body, teardown', complete_list, ids=list_ids) def test_vulnerability_detector_scans_cases(self, setup_vulnerability_tests, request, preconditions, body, teardown, setup, host_manager, get_results): test_name = request.node.name setup_results = setup results = get_results results[request.node.name] = {} results['setup'] = setup_results hosts_to_ignore = [] for host in setup_results.keys(): if setup_results[host]['checks']['all_successfull'] is False: hosts_to_ignore.append(host) if len(hosts_to_ignore) > 0: logger.critical(f"Setup test failed for hosts {hosts_to_ignore}. Check logs for more information") logger.critical(f"Evidences: {setup_results}") logger.critical("Ignoring these hosts for the rest of the test") logger.critical("Starting scan cases tests") logger.critical(f"Case Info: {body}") # Launch tests tasks test_result = launch_parallel_operations(body['tasks'], host_manager, hosts_to_ignore) success_for_all_agents = True for host in test_result.keys(): if test_result[host]['checks']['all_successfull'] is False: success_for_all_agents = False logger.critical(f"Test failed for host {host}. Check logs for more information") logger.critical(f"Evidences: {test_result[host]['evidences']}") results[test_name]['evidences'] = {} for agent in test_result.keys(): if 'evidences' in test_result[agent]: for evidence, evidence_values in test_result[agent]['evidences'].items(): results[test_name]['evidences'][str(agent)+str(evidence)] = evidence_values if 'evidences' in test_result: results[test_name]['evidences'] = test_result['evidences'] results[test_name] = test_result logger.critical("Final Results") > assert success_for_all_agents is True, "Test failed. Check logs for more information" E AssertionError: Test failed. Check logs for more information E assert False is True end_to_end/test_vulnerability_detector/test_vulnerability_detector.py:639: AssertionError -------------------------------Captured log call-------------------------------- CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:611 Starting scan cases tests CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:612 Case Info: {'tasks': [{'operation': 'update_package', 'target': 'agent', 'check': {'alerts': True, 'state_index': True}, 'package': {'from': {'centos': {'amd64': 'openjdk-1.7.0'}, 'ubuntu': {'amd64': 'mysql-5.5.18'}, 'windows': {'amd64': 'node-v18.0.0'}, 'macos': {'amd64': 'systeminformation-4.34.23', 'arm64v8': 'systeminformation-4.34.23'}}, 'to': {'centos': {'amd64': 'openjdk-1.8.0'}, 'ubuntu': {'amd64': 'mysql-5.5.19'}, 'windows': {'amd64': 'node-v18.1.0'}, 'macos': {'amd64': 'systeminformation-5.0.0', 'arm64v8': 'systeminformation-5.0.0'}}}}]} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:622 Test failed for host agent1. Check logs for more information CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:623 Evidences: {'alerts_not_found_from': [{'CVE': 'CVE-2021-21388', 'PACKAGE_NAME': 'systeminformation', 'PACKAGE_VERSION': '4.34.23'}, {'CVE': 'CVE-2021-21315', 'PACKAGE_NAME': 'systeminformation', 'PACKAGE_VERSION': '4.34.23'}], 'alerts_found_from': [], 'alerts_found': [], 'states_found': [], 'alerts_found_unexpected': [], 'states_found_unexpected': [], 'all_alerts_found': {'agent1': []}, 'all_alerts_found_mitigated': {'agent1': []}, 'all_states_found': {'agent1': []}, 'states_found_unexpected_from': [{'agent': 'agent1', 'cve': 'CVE-2021-21388', 'package_name': 'systeminformation', 'package_version': '4.34.23'}, {'agent': 'agent1', 'cve': 'CVE-2021-21315', 'package_name': 'systeminformation', 'package_version': '4.34.23'}]} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:637 Final Results | |||||||
| Passed | test_vulnerability_detector/test_vulnerability_detector.py::TestInitialScans::test_syscollector_first_scan | description: Validates the initiation of Syscollector scans across all agents in the environment. | 197.87 | filterwarnings | |||
|
-------------------------------Captured log setup------------------------------- ERROR test_vulnerability_detector:test_vulnerability_detector.py:153 Init setup of environment ERROR test_vulnerability_detector:test_vulnerability_detector.py:156 Getting backup of current configurations ERROR test_vulnerability_detector:test_vulnerability_detector.py:159 Configuring environment ERROR test_vulnerability_detector:test_vulnerability_detector.py:163 Truncate managers and agents logs ERROR test_vulnerability_detector:test_vulnerability_detector.py:167 Stopping agents ERROR test_vulnerability_detector:test_vulnerability_detector.py:169 Restarting managers ERROR test_vulnerability_detector:test_vulnerability_detector.py:172 Save the Wazuh indexer username and password into the Wazuh manager keystore ERROR test_vulnerability_detector:test_vulnerability_detector.py:175 Restarting managers ERROR test_vulnerability_detector:test_vulnerability_detector.py:184 Wait until Vulnerability Detector has update all the feeds ERROR test_vulnerability_detector:test_vulnerability_detector.py:188 Truncate managers and agents logs ERROR test_vulnerability_detector:test_vulnerability_detector.py:192 Removing agents -------------------------------Captured log call-------------------------------- CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:263 Monitoring syscollector first scan CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:272 Value of monitoring results is: {'agent1': {'not_found': [], 'found': ['2024/04/04 05:36:26']}} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:287 All agents has been scanned | |||||||
| Passed | test_vulnerability_detector/test_vulnerability_detector.py::TestInitialScans::test_syscollector_first_scan_index | description: Validates that the Vulnerability Detector detects vulnerabilities within the environment in the. first scan in the index. | 200.83 | filterwarnings | |||
|
-------------------------------Captured log call-------------------------------- CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:340 Checking vulnerabilities in the index CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:352 Checking that all agents has been scanned and generated vulnerabilities in the index CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:372 All agents has been scanned and updated states index | |||||||
| Passed | test_vulnerability_detector/test_vulnerability_detector.py::TestInitialScans::test_syscollector_second_scan | description: Validates the initiation of the second Syscollector scans across all agents in the environment. | 8.31 | filterwarnings | |||
|
-------------------------------Captured log call-------------------------------- CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:428 Value of monitoring results is: {'agent1': {'not_found': [], 'found': ['2024/04/04 05:36:26', '2024/04/04 05:39:13']}} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:430 Checking that all agents has been scanned CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:447 Syscollector scan started in all agents | |||||||
| Passed | test_vulnerability_detector/test_vulnerability_detector.py::TestInitialScans::tests_syscollector_first_second_scan_consistency_index | description: Ensure the consistency of the agent's vulnerabilities between the first and second scans in index. | 0.70 | filterwarnings | |||
|
-------------------------------Captured log call-------------------------------- CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:495 Checking vulnerabilities in the second scan ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4734', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.', 'enumeration': 'CVE', 'id': 'CVE-2023-4734', 'reference': 'https://huntr.dev/bounties/688e4382-d2b6-439a-a54e-484780f82217, http://seclists.org/fulldisclosure/2023/Oct/24, https://github.com/vim/vim/commit/4c6fe2e2ea62469642ed1d80b16d39e616b25cf5, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4738', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.', 'enumeration': 'CVE', 'id': 'CVE-2023-4738', 'reference': 'https://huntr.dev/bounties/9fc7dced-a7bb-4479-9718-f956df20f612, http://seclists.org/fulldisclosure/2023/Oct/24, https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23218', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key.', 'enumeration': 'CVE', 'id': 'CVE-2024-23218', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/kb/HT214082, https://support.apple.com/kb/HT214083, https://support.apple.com/kb/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.9, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4750', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Use After Free in GitHub repository vim/vim prior to 9.0.1857.', 'enumeration': 'CVE', 'id': 'CVE-2023-4750', 'reference': 'https://huntr.dev/bounties/1ab3ebdf-fe7d-4436-b483-9a586e03b0ea, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/, http://seclists.org/fulldisclosure/2023/Oct/24, https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4752', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Use After Free in GitHub repository vim/vim prior to 9.0.1858.', 'enumeration': 'CVE', 'id': 'CVE-2023-4752', 'reference': 'https://huntr.dev/bounties/85f62dd7-ed84-4fa2-b265-8a369a318757, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/, http://seclists.org/fulldisclosure/2023/Oct/24, https://lists.debian.org/debian-lts-announce/2023/09/msg00035.html, https://github.com/vim/vim/commit/ee9166eb3b41846661a39b662dc7ebe8b5e15139, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40421', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-40421', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23204', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user.', 'enumeration': 'CVE', 'id': 'CVE-2024-23204', 'reference': 'https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/kb/HT214082, https://support.apple.com/kb/HT214083, https://support.apple.com/kb/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.5, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-1999-0590', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A system does not present an appropriate legal message or warning to a user who is accessing it.', 'enumeration': 'CVE', 'id': 'CVE-1999-0590', 'reference': 'http://ciac.llnl.gov/ciac/bulletins/j-043.shtml', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 10.0, 'version': '2.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23207', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2024-23207', 'reference': 'https://support.apple.com/en-us/HT214057, https://support.apple.com/en-us/HT214058, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/37, http://seclists.org/fulldisclosure/2024/Jan/38, http://seclists.org/fulldisclosure/2024/Jan/39', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23208', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to execute arbitrary code with kernel privileges.', 'enumeration': 'CVE', 'id': 'CVE-2024-23208', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23210', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to view a user's phone number in system logs.", 'enumeration': 'CVE', 'id': 'CVE-2024-23210', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 3.3, 'version': '3.1'}, 'severity': 'Low'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23215', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access user-sensitive data.', 'enumeration': 'CVE', 'id': 'CVE-2024-23215', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23217', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. An app may be able to bypass certain Privacy preferences.', 'enumeration': 'CVE', 'id': 'CVE-2024-23217', 'reference': 'https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Mar/22, https://support.apple.com/kb/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 3.3, 'version': '3.1'}, 'severity': 'Low'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41983', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service.', 'enumeration': 'CVE', 'id': 'CVE-2023-41983', 'reference': 'http://www.openwall.com/lists/oss-security/2023/11/15/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTCZGQPRDAOPP6NK4CIDJKIPMBWD5J7K/, http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/27, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPPMOWFYZODONTA3RLZOKSGNR4DELGG2/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3O7ITSBZDHLBM5OG22K6RZAHRRTGECM/, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213986, https://www.debian.org/security/2023/dsa-5557, https://support.apple.com/kb/HT213984, https://security.gentoo.org/glsa/202401-33', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-30774', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.', 'enumeration': 'CVE', 'id': 'CVE-2023-30774', 'reference': 'https://gitlab.com/libtiff/libtiff/-/issues/463, https://bugzilla.redhat.com/show_bug.cgi?id=2187139, http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/kb/HT213984, https://access.redhat.com/security/cve/CVE-2023-30774, https://security.netapp.com/advisory/ntap-20230703-0002/', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23224', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.3, macOS Ventura 13.6.4. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2024-23224', 'reference': 'https://support.apple.com/en-us/HT214058, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/37', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42890', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42890', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/6, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/9, http://www.openwall.com/lists/oss-security/2023/12/18/1, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214039, https://support.apple.com/en-us/HT214040, https://support.apple.com/en-us/HT214041, https://security.gentoo.org/glsa/202401-33', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41072', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-41072', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40444', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1. An app may be able to access user-sensitive data.', 'enumeration': 'CVE', 'id': 'CVE-2023-40444', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42850', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved permissions logic. This issue is fixed in macOS Sonoma 14.1. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42850', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42849', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.', 'enumeration': 'CVE', 'id': 'CVE-2023-42849', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985, https://support.apple.com/kb/HT213988', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42901', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42901', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4751', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.', 'enumeration': 'CVE', 'id': 'CVE-2023-4751', 'reference': 'https://huntr.dev/bounties/db7be8d6-6cb7-4ae5-9c4e-805423afa378, http://seclists.org/fulldisclosure/2023/Oct/24, https://github.com/vim/vim/commit/e1121b139480f53d1b06f84f3e4574048108fa0b, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42844', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access sensitive user data when resolving symlinks.', 'enumeration': 'CVE', 'id': 'CVE-2023-42844', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.5, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42899', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, macOS Ventura 13.6.3, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. Processing an image may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42899', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214034, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038, https://support.apple.com/en-us/HT214040, https://support.apple.com/en-us/HT214041', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41975', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access the microphone without the microphone use indicator being shown.', 'enumeration': 'CVE', 'id': 'CVE-2023-41975', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23211', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': "A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A user's private browsing activity may be visible in Settings.", 'enumeration': 'CVE', 'id': 'CVE-2024-23211', 'reference': 'https://support.apple.com/en-us/HT214056, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, https://support.apple.com/en-us/HT214063, http://seclists.org/fulldisclosure/2024/Jan/27, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/34, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 3.3, 'version': '3.1'}, 'severity': 'Low'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42908', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42908', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40416', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. Processing an image may result in disclosure of process memory.', 'enumeration': 'CVE', 'id': 'CVE-2023-40416', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41976', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-41976', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/22, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, http://seclists.org/fulldisclosure/2023/Oct/27, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213986, https://support.apple.com/en-us/HT213987, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4781', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.', 'enumeration': 'CVE', 'id': 'CVE-2023-4781', 'reference': 'https://huntr.dev/bounties/c867eb0a-aa8b-4946-a621-510350673883, http://seclists.org/fulldisclosure/2023/Oct/24, https://lists.debian.org/debian-lts-announce/2023/09/msg00035.html, https://github.com/vim/vim/commit/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23203', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user.', 'enumeration': 'CVE', 'id': 'CVE-2024-23203', 'reference': 'https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Mar/22, https://support.apple.com/kb/HT214082, https://support.apple.com/kb/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.5, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40405', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1. An app may be able to read sensitive location information.', 'enumeration': 'CVE', 'id': 'CVE-2023-40405', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 3.3, 'version': '3.1'}, 'severity': 'Low'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41982', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-41982', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213988', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.6, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42842', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42842', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/kb/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40447', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-40447', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/22, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, http://seclists.org/fulldisclosure/2023/Oct/27, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213986, https://support.apple.com/en-us/HT213987, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42902', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42902', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42914', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, macOS Ventura 13.6.3, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. An app may be able to break out of its sandbox.', 'enumeration': 'CVE', 'id': 'CVE-2023-42914', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214034, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038, https://support.apple.com/en-us/HT214040, https://support.apple.com/en-us/HT214041', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42900', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2. An app may be able to access user-sensitive data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42900', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23296', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.', 'enumeration': 'CVE', 'id': 'CVE-2024-23296', 'reference': 'https://support.apple.com/en-us/HT214081, https://support.apple.com/kb/HT214084, https://support.apple.com/kb/HT214086, https://support.apple.com/kb/HT214087, https://support.apple.com/kb/HT214088, http://seclists.org/fulldisclosure/2024/Mar/18, http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/24, http://seclists.org/fulldisclosure/2024/Mar/25, http://seclists.org/fulldisclosure/2024/Mar/26', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42903', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42903', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42926', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42926', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036, http://packetstormsecurity.com/files/176535/macOS-AppleGVA-Memory-Handling.html', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4733', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Use After Free in GitHub repository vim/vim prior to 9.0.1840.', 'enumeration': 'CVE', 'id': 'CVE-2023-4733', 'reference': 'https://huntr.dev/bounties/1ce1fd8c-050a-4373-8004-b35b61590217, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/, http://seclists.org/fulldisclosure/2023/Oct/24, https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.3, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42905', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42905', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23213', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2024-23213', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214056, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, https://support.apple.com/en-us/HT214063, http://seclists.org/fulldisclosure/2024/Jan/27, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/34, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40, http://www.openwall.com/lists/oss-security/2024/02/05/8, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42906', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42906', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42907', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42907', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42937', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42937', 'reference': 'http://seclists.org/fulldisclosure/2024/Jan/34, http://seclists.org/fulldisclosure/2024/Jan/37, http://seclists.org/fulldisclosure/2024/Jan/38, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214041, https://support.apple.com/en-us/HT214057, https://support.apple.com/en-us/HT214058, https://support.apple.com/en-us/HT214063, https://support.apple.com/kb/HT214035, https://support.apple.com/kb/HT214036, https://support.apple.com/kb/HT214041', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42910', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42910', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23273', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication.', 'enumeration': 'CVE', 'id': 'CVE-2024-23273', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/20, http://seclists.org/fulldisclosure/2024/Mar/21, https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214089', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42911', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42911', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23222', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.', 'enumeration': 'CVE', 'id': 'CVE-2024-23222', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214061', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42917', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.', 'enumeration': 'CVE', 'id': 'CVE-2023-42917', 'reference': 'https://support.apple.com/en-us/HT214031, https://support.apple.com/en-us/HT214032, https://support.apple.com/en-us/HT214033, http://www.openwall.com/lists/oss-security/2023/12/05/1, http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/3, http://seclists.org/fulldisclosure/2023/Dec/4, http://seclists.org/fulldisclosure/2023/Dec/5, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2024/Jan/35, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/, https://security.gentoo.org/glsa/202401-04, https://www.debian.org/security/2023/dsa-5575', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42922', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, macOS Ventura 13.6.3, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. An app may be able to read sensitive location information.', 'enumeration': 'CVE', 'id': 'CVE-2023-42922', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214034, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42912', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42912', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42916', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.', 'enumeration': 'CVE', 'id': 'CVE-2023-42916', 'reference': 'http://www.openwall.com/lists/oss-security/2023/12/05/1, https://support.apple.com/en-us/HT214031, https://support.apple.com/en-us/HT214032, https://support.apple.com/en-us/HT214033, http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/3, http://seclists.org/fulldisclosure/2023/Dec/4, http://seclists.org/fulldisclosure/2023/Dec/5, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2024/Jan/35, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/, https://security.gentoo.org/glsa/202401-04, https://www.debian.org/security/2023/dsa-5575', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42924', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42924', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214038', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42935', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.6.4. A local attacker may be able to view the previous logged in user’s desktop from the fast user switching screen.', 'enumeration': 'CVE', 'id': 'CVE-2023-42935', 'reference': 'http://seclists.org/fulldisclosure/2024/Jan/37, https://support.apple.com/en-us/HT214058, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23225', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.', 'enumeration': 'CVE', 'id': 'CVE-2024-23225', 'reference': 'https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214082, https://support.apple.com/kb/HT214083, https://support.apple.com/kb/HT214084, https://support.apple.com/kb/HT214085, https://support.apple.com/kb/HT214086, https://support.apple.com/kb/HT214087, https://support.apple.com/kb/HT214088, http://seclists.org/fulldisclosure/2024/Mar/18, http://seclists.org/fulldisclosure/2024/Mar/19, http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, http://seclists.org/fulldisclosure/2024/Mar/24, http://seclists.org/fulldisclosure/2024/Mar/25, http://seclists.org/fulldisclosure/2024/Mar/26', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42909', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42909', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42940', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A session rendering issue was addressed with improved session tracking. This issue is fixed in macOS Sonoma 14.2.1. A user who shares their screen may unintentionally share the incorrect content.', 'enumeration': 'CVE', 'id': 'CVE-2023-42940', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/20, https://support.apple.com/en-us/HT214048', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.7, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42845', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. Photos in the Hidden Photos Album may be viewed without authentication.', 'enumeration': 'CVE', 'id': 'CVE-2023-42845', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42919', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, macOS Ventura 13.6.3, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42919', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214034, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038, https://support.apple.com/en-us/HT214041', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23277', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard.', 'enumeration': 'CVE', 'id': 'CVE-2024-23277', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214084', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.9, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23275', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to access protected user data.', 'enumeration': 'CVE', 'id': 'CVE-2024-23275', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.7, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23274', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.', 'enumeration': 'CVE', 'id': 'CVE-2024-23274', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23272', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. A user may gain access to protected parts of the file system.', 'enumeration': 'CVE', 'id': 'CVE-2024-23272', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23270', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, tvOS 17.4. An app may be able to execute arbitrary code with kernel privileges.', 'enumeration': 'CVE', 'id': 'CVE-2024-23270', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, http://seclists.org/fulldisclosure/2024/Mar/25, https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085, https://support.apple.com/en-us/HT214086', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23267', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to bypass certain Privacy preferences.', 'enumeration': 'CVE', 'id': 'CVE-2024-23267', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23266', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to modify protected parts of the file system.', 'enumeration': 'CVE', 'id': 'CVE-2024-23266', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42888', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved checks. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. Processing a maliciously crafted image may result in disclosure of process memory.', 'enumeration': 'CVE', 'id': 'CVE-2023-42888', 'reference': 'https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214041, https://support.apple.com/en-us/HT214057, https://support.apple.com/en-us/HT214058, https://support.apple.com/en-us/HT214063, https://support.apple.com/kb/HT214035, https://support.apple.com/kb/HT214036, https://support.apple.com/kb/HT214041, http://seclists.org/fulldisclosure/2024/Jan/34, http://seclists.org/fulldisclosure/2024/Jan/37, http://seclists.org/fulldisclosure/2024/Jan/38', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42887', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.6.4, macOS Sonoma 14.2. An app may be able to read arbitrary files.', 'enumeration': 'CVE', 'id': 'CVE-2023-42887', 'reference': 'https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214058, https://support.apple.com/kb/HT214036, http://seclists.org/fulldisclosure/2024/Jan/37', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-45866', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.', 'enumeration': 'CVE', 'id': 'CVE-2023-45866', 'reference': 'https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/77YQQS5FXPYE6WBBZO3REFIRAUJHERFA/, https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2N2P5LMP3V7IJONALV2KOFL4NUU23CJ/, https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/profiles/input?id=25a471a83e02e1effb15d5a488b3f0085eaeb675, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/9, https://lists.debian.org/debian-lts-announce/2023/12/msg00011.html, https://bluetooth.com, http://changelogs.ubuntu.com/changelogs/pool/main/b/bluez/bluez_5.64-0ubuntu1/changelog, https://github.com/skysafe/reblog/tree/main/cve-2023-45866, https://support.apple.com/kb/HT214035, https://support.apple.com/kb/HT214036, https://security.gentoo.org/glsa/202401-03, https://www.debian.org/security/2023/dsa-5584', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42886', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. A user may be able to cause unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42886', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42884', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, macOS Ventura 13.6.3, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. An app may be able to disclose kernel memory.', 'enumeration': 'CVE', 'id': 'CVE-2023-42884', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214034, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214038, https://support.apple.com/en-us/HT214040', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42881', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2. Processing a file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42881', 'reference': 'https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23209', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3. Processing web content may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2024-23209', 'reference': 'https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/36', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42874', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.2. Secure text fields may be displayed via the Accessibility Keyboard when using a physical keyboard.', 'enumeration': 'CVE', 'id': 'CVE-2023-42874', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 2.4, 'version': '3.1'}, 'severity': 'Low'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42882', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2. Processing an image may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42882', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036, http://packetstormsecurity.com/files/176536/macOS-AppleVADriver-Out-Of-Bounds-Write.html', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41254', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-41254', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985, https://support.apple.com/kb/HT213988', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42861', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': "A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac.", 'enumeration': 'CVE', 'id': 'CVE-2023-42861', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42856', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. Processing a file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42856', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-38403', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.', 'enumeration': 'CVE', 'id': 'CVE-2023-38403', 'reference': 'https://github.com/esnet/iperf/issues/1542, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://lists.debian.org/debian-lts-announce/2023/07/msg00025.html, https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6EBWWF4PEQKROEVXGYSTIT2MGBTLU7/, https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M25Z5FHTO3XWMGP37JHJ7IIIHSGCLKEV/, https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985, https://bugs.debian.org/1040830, https://cwe.mitre.org/data/definitions/130.html, https://security.netapp.com/advisory/ntap-20230818-0016/, https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.5, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42854', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to cause a denial-of-service to Endpoint Security clients.', 'enumeration': 'CVE', 'id': 'CVE-2023-42854', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42883', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. Processing an image may lead to a denial-of-service.', 'enumeration': 'CVE', 'id': 'CVE-2023-42883', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/6, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2023/Dec/9, http://www.openwall.com/lists/oss-security/2023/12/18/1, https://www.debian.org/security/2023/dsa-5580, https://support.apple.com/en-us/HT214034, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214039, https://support.apple.com/en-us/HT214040, https://support.apple.com/en-us/HT214041', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42847', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An attacker may be able to access passkeys without authentication.', 'enumeration': 'CVE', 'id': 'CVE-2023-42847', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.5, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41997', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-41997', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213988', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.6, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42894', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access information about a user's contacts.", 'enumeration': 'CVE', 'id': 'CVE-2023-42894', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23276', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.', 'enumeration': 'CVE', 'id': 'CVE-2024-23276', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42898', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing an image may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42898', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214040, https://support.apple.com/en-us/HT214041', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23212', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, macOS Ventura 13.6.4, macOS Monterey 12.7.3. An app may be able to execute arbitrary code with kernel privileges.', 'enumeration': 'CVE', 'id': 'CVE-2024-23212', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214057, https://support.apple.com/en-us/HT214058, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214063, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/34, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/37, http://seclists.org/fulldisclosure/2024/Jan/38, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40, https://support.apple.com/en-us/HT214061', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42932', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access protected user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42932', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42841', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges.', 'enumeration': 'CVE', 'id': 'CVE-2023-42841', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41977', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved handling of caches. This issue is fixed in macOS Sonoma 14.1, iOS 16.7.2 and iPadOS 16.7.2. Visiting a malicious website may reveal browsing history.', 'enumeration': 'CVE', 'id': 'CVE-2023-41977', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23214', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2024-23214', 'reference': 'https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214061, https://support.apple.com/en-us/HT214063, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/34, http://seclists.org/fulldisclosure/2024/Jan/36', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40408', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Hide My Email may be deactivated unexpectedly.', 'enumeration': 'CVE', 'id': 'CVE-2023-40408', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213988', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2001-0102', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': '"Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password.', 'enumeration': 'CVE', 'id': 'CVE-2001-0102', 'reference': 'http://archives.neohapsis.com/archives/bugtraq/2000-12/0497.html, https://exchange.xforce.ibmcloud.com/vulnerabilities/5830', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.2, 'version': '2.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23206', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user.', 'enumeration': 'CVE', 'id': 'CVE-2024-23206', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214056, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, https://support.apple.com/en-us/HT214063, http://seclists.org/fulldisclosure/2024/Jan/27, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/34, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40, http://www.openwall.com/lists/oss-security/2024/02/05/8, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42852', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42852', 'reference': 'http://www.openwall.com/lists/oss-security/2023/11/15/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTCZGQPRDAOPP6NK4CIDJKIPMBWD5J7K/, http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/22, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, http://seclists.org/fulldisclosure/2023/Oct/27, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPPMOWFYZODONTA3RLZOKSGNR4DELGG2/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3O7ITSBZDHLBM5OG22K6RZAHRRTGECM/, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213986, https://support.apple.com/en-us/HT213987, https://support.apple.com/en-us/HT213988, https://security.gentoo.org/glsa/202401-33, https://support.apple.com/kb/HT213984, https://www.debian.org/security/2023/dsa-5557', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40404', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14.1. An app may be able to execute arbitrary code with kernel privileges.', 'enumeration': 'CVE', 'id': 'CVE-2023-40404', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40449', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to cause a denial-of-service.', 'enumeration': 'CVE', 'id': 'CVE-2023-40449', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42857', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42857', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 3.3, 'version': '3.1'}, 'severity': 'Low'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40413', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to read sensitive location information.', 'enumeration': 'CVE', 'id': 'CVE-2023-40413', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985, https://support.apple.com/kb/HT213988', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4736', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.', 'enumeration': 'CVE', 'id': 'CVE-2023-4736', 'reference': 'https://huntr.dev/bounties/e1ce0995-4df4-4dec-9cd7-3136ac3e8e71, http://seclists.org/fulldisclosure/2023/Oct/24, https://github.com/vim/vim/commit/816fbcc262687b81fc46f82f7bbeb1453addfe0c, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23268', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.', 'enumeration': 'CVE', 'id': 'CVE-2024-23268', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-1999-0524', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.', 'enumeration': 'CVE', 'id': 'CVE-1999-0524', 'reference': 'http://descriptions.securescout.com/tc/11010, http://descriptions.securescout.com/tc/11011, http://www.osvdb.org/95, https://kc.mcafee.com/corporate/index?page=content&id=SB10053, http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705, http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1434, https://exchange.xforce.ibmcloud.com/vulnerabilities/306, https://exchange.xforce.ibmcloud.com/vulnerabilities/322', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 2.1, 'version': '2.0'}, 'severity': 'Low'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40423', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to execute arbitrary code with kernel privileges.', 'enumeration': 'CVE', 'id': 'CVE-2023-40423', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23223', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2024-23223', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.2, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42438', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. Visiting a malicious website may lead to user interface spoofing.', 'enumeration': 'CVE', 'id': 'CVE-2023-42438', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41988', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-41988', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213988', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.8, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42891', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to monitor keystrokes without user permission.', 'enumeration': 'CVE', 'id': 'CVE-2023-42891', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42904', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42904', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41989', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1. An attacker may be able to execute arbitrary code as root from the Lock Screen.', 'enumeration': 'CVE', 'id': 'CVE-2023-41989', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.8, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4734', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.', 'enumeration': 'CVE', 'id': 'CVE-2023-4734', 'reference': 'https://huntr.dev/bounties/688e4382-d2b6-439a-a54e-484780f82217, http://seclists.org/fulldisclosure/2023/Oct/24, https://github.com/vim/vim/commit/4c6fe2e2ea62469642ed1d80b16d39e616b25cf5, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4738', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.', 'enumeration': 'CVE', 'id': 'CVE-2023-4738', 'reference': 'https://huntr.dev/bounties/9fc7dced-a7bb-4479-9718-f956df20f612, http://seclists.org/fulldisclosure/2023/Oct/24, https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23218', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key.', 'enumeration': 'CVE', 'id': 'CVE-2024-23218', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/kb/HT214082, https://support.apple.com/kb/HT214083, https://support.apple.com/kb/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.9, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4750', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Use After Free in GitHub repository vim/vim prior to 9.0.1857.', 'enumeration': 'CVE', 'id': 'CVE-2023-4750', 'reference': 'https://huntr.dev/bounties/1ab3ebdf-fe7d-4436-b483-9a586e03b0ea, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/, http://seclists.org/fulldisclosure/2023/Oct/24, https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4752', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Use After Free in GitHub repository vim/vim prior to 9.0.1858.', 'enumeration': 'CVE', 'id': 'CVE-2023-4752', 'reference': 'https://huntr.dev/bounties/85f62dd7-ed84-4fa2-b265-8a369a318757, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/, http://seclists.org/fulldisclosure/2023/Oct/24, https://lists.debian.org/debian-lts-announce/2023/09/msg00035.html, https://github.com/vim/vim/commit/ee9166eb3b41846661a39b662dc7ebe8b5e15139, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40421', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-40421', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23204', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user.', 'enumeration': 'CVE', 'id': 'CVE-2024-23204', 'reference': 'https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/kb/HT214082, https://support.apple.com/kb/HT214083, https://support.apple.com/kb/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.5, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-1999-0590', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A system does not present an appropriate legal message or warning to a user who is accessing it.', 'enumeration': 'CVE', 'id': 'CVE-1999-0590', 'reference': 'http://ciac.llnl.gov/ciac/bulletins/j-043.shtml', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 10.0, 'version': '2.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23207', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2024-23207', 'reference': 'https://support.apple.com/en-us/HT214057, https://support.apple.com/en-us/HT214058, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/37, http://seclists.org/fulldisclosure/2024/Jan/38, http://seclists.org/fulldisclosure/2024/Jan/39', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23208', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to execute arbitrary code with kernel privileges.', 'enumeration': 'CVE', 'id': 'CVE-2024-23208', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23210', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to view a user's phone number in system logs.", 'enumeration': 'CVE', 'id': 'CVE-2024-23210', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 3.3, 'version': '3.1'}, 'severity': 'Low'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23215', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access user-sensitive data.', 'enumeration': 'CVE', 'id': 'CVE-2024-23215', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23217', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. An app may be able to bypass certain Privacy preferences.', 'enumeration': 'CVE', 'id': 'CVE-2024-23217', 'reference': 'https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Mar/22, https://support.apple.com/kb/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 3.3, 'version': '3.1'}, 'severity': 'Low'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41983', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service.', 'enumeration': 'CVE', 'id': 'CVE-2023-41983', 'reference': 'http://www.openwall.com/lists/oss-security/2023/11/15/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTCZGQPRDAOPP6NK4CIDJKIPMBWD5J7K/, http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/27, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPPMOWFYZODONTA3RLZOKSGNR4DELGG2/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3O7ITSBZDHLBM5OG22K6RZAHRRTGECM/, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213986, https://www.debian.org/security/2023/dsa-5557, https://support.apple.com/kb/HT213984, https://security.gentoo.org/glsa/202401-33', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-30774', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.', 'enumeration': 'CVE', 'id': 'CVE-2023-30774', 'reference': 'https://gitlab.com/libtiff/libtiff/-/issues/463, https://bugzilla.redhat.com/show_bug.cgi?id=2187139, http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/kb/HT213984, https://access.redhat.com/security/cve/CVE-2023-30774, https://security.netapp.com/advisory/ntap-20230703-0002/', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23224', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.3, macOS Ventura 13.6.4. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2024-23224', 'reference': 'https://support.apple.com/en-us/HT214058, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/37', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42890', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42890', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/6, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/9, http://www.openwall.com/lists/oss-security/2023/12/18/1, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214039, https://support.apple.com/en-us/HT214040, https://support.apple.com/en-us/HT214041, https://security.gentoo.org/glsa/202401-33', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41072', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-41072', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40444', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1. An app may be able to access user-sensitive data.', 'enumeration': 'CVE', 'id': 'CVE-2023-40444', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42850', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved permissions logic. This issue is fixed in macOS Sonoma 14.1. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42850', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42849', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.', 'enumeration': 'CVE', 'id': 'CVE-2023-42849', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985, https://support.apple.com/kb/HT213988', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42901', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42901', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4751', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.', 'enumeration': 'CVE', 'id': 'CVE-2023-4751', 'reference': 'https://huntr.dev/bounties/db7be8d6-6cb7-4ae5-9c4e-805423afa378, http://seclists.org/fulldisclosure/2023/Oct/24, https://github.com/vim/vim/commit/e1121b139480f53d1b06f84f3e4574048108fa0b, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42844', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access sensitive user data when resolving symlinks.', 'enumeration': 'CVE', 'id': 'CVE-2023-42844', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.5, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42899', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, macOS Ventura 13.6.3, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. Processing an image may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42899', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214034, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038, https://support.apple.com/en-us/HT214040, https://support.apple.com/en-us/HT214041', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41975', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access the microphone without the microphone use indicator being shown.', 'enumeration': 'CVE', 'id': 'CVE-2023-41975', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23211', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': "A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A user's private browsing activity may be visible in Settings.", 'enumeration': 'CVE', 'id': 'CVE-2024-23211', 'reference': 'https://support.apple.com/en-us/HT214056, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, https://support.apple.com/en-us/HT214063, http://seclists.org/fulldisclosure/2024/Jan/27, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/34, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 3.3, 'version': '3.1'}, 'severity': 'Low'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42908', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.275Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42908', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40416', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. Processing an image may result in disclosure of process memory.', 'enumeration': 'CVE', 'id': 'CVE-2023-40416', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41976', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-41976', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/22, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, http://seclists.org/fulldisclosure/2023/Oct/27, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213986, https://support.apple.com/en-us/HT213987, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4781', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.', 'enumeration': 'CVE', 'id': 'CVE-2023-4781', 'reference': 'https://huntr.dev/bounties/c867eb0a-aa8b-4946-a621-510350673883, http://seclists.org/fulldisclosure/2023/Oct/24, https://lists.debian.org/debian-lts-announce/2023/09/msg00035.html, https://github.com/vim/vim/commit/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23203', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user.', 'enumeration': 'CVE', 'id': 'CVE-2024-23203', 'reference': 'https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Mar/22, https://support.apple.com/kb/HT214082, https://support.apple.com/kb/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.5, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40405', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1. An app may be able to read sensitive location information.', 'enumeration': 'CVE', 'id': 'CVE-2023-40405', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 3.3, 'version': '3.1'}, 'severity': 'Low'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41982', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-41982', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213988', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.6, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42842', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42842', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/kb/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40447', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-40447', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/22, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, http://seclists.org/fulldisclosure/2023/Oct/27, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213986, https://support.apple.com/en-us/HT213987, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42902', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42902', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42914', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, macOS Ventura 13.6.3, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. An app may be able to break out of its sandbox.', 'enumeration': 'CVE', 'id': 'CVE-2023-42914', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214034, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038, https://support.apple.com/en-us/HT214040, https://support.apple.com/en-us/HT214041', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42900', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2. An app may be able to access user-sensitive data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42900', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23296', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.', 'enumeration': 'CVE', 'id': 'CVE-2024-23296', 'reference': 'https://support.apple.com/en-us/HT214081, https://support.apple.com/kb/HT214084, https://support.apple.com/kb/HT214086, https://support.apple.com/kb/HT214087, https://support.apple.com/kb/HT214088, http://seclists.org/fulldisclosure/2024/Mar/18, http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/24, http://seclists.org/fulldisclosure/2024/Mar/25, http://seclists.org/fulldisclosure/2024/Mar/26', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42903', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42903', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42926', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42926', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036, http://packetstormsecurity.com/files/176535/macOS-AppleGVA-Memory-Handling.html', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4733', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Use After Free in GitHub repository vim/vim prior to 9.0.1840.', 'enumeration': 'CVE', 'id': 'CVE-2023-4733', 'reference': 'https://huntr.dev/bounties/1ce1fd8c-050a-4373-8004-b35b61590217, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/, http://seclists.org/fulldisclosure/2023/Oct/24, https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.3, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42905', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.276Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42905', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23213', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2024-23213', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214056, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, https://support.apple.com/en-us/HT214063, http://seclists.org/fulldisclosure/2024/Jan/27, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/34, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40, http://www.openwall.com/lists/oss-security/2024/02/05/8, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42906', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42906', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42907', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42907', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42937', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42937', 'reference': 'http://seclists.org/fulldisclosure/2024/Jan/34, http://seclists.org/fulldisclosure/2024/Jan/37, http://seclists.org/fulldisclosure/2024/Jan/38, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214041, https://support.apple.com/en-us/HT214057, https://support.apple.com/en-us/HT214058, https://support.apple.com/en-us/HT214063, https://support.apple.com/kb/HT214035, https://support.apple.com/kb/HT214036, https://support.apple.com/kb/HT214041', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42910', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42910', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23273', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication.', 'enumeration': 'CVE', 'id': 'CVE-2024-23273', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/20, http://seclists.org/fulldisclosure/2024/Mar/21, https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214089', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42911', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42911', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23222', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.', 'enumeration': 'CVE', 'id': 'CVE-2024-23222', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214061', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42917', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.', 'enumeration': 'CVE', 'id': 'CVE-2023-42917', 'reference': 'https://support.apple.com/en-us/HT214031, https://support.apple.com/en-us/HT214032, https://support.apple.com/en-us/HT214033, http://www.openwall.com/lists/oss-security/2023/12/05/1, http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/3, http://seclists.org/fulldisclosure/2023/Dec/4, http://seclists.org/fulldisclosure/2023/Dec/5, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2024/Jan/35, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/, https://security.gentoo.org/glsa/202401-04, https://www.debian.org/security/2023/dsa-5575', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42922', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, macOS Ventura 13.6.3, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. An app may be able to read sensitive location information.', 'enumeration': 'CVE', 'id': 'CVE-2023-42922', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214034, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42912', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42912', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42916', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.', 'enumeration': 'CVE', 'id': 'CVE-2023-42916', 'reference': 'http://www.openwall.com/lists/oss-security/2023/12/05/1, https://support.apple.com/en-us/HT214031, https://support.apple.com/en-us/HT214032, https://support.apple.com/en-us/HT214033, http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/3, http://seclists.org/fulldisclosure/2023/Dec/4, http://seclists.org/fulldisclosure/2023/Dec/5, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2024/Jan/35, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/, https://security.gentoo.org/glsa/202401-04, https://www.debian.org/security/2023/dsa-5575', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42924', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42924', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214038', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42935', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.6.4. A local attacker may be able to view the previous logged in user’s desktop from the fast user switching screen.', 'enumeration': 'CVE', 'id': 'CVE-2023-42935', 'reference': 'http://seclists.org/fulldisclosure/2024/Jan/37, https://support.apple.com/en-us/HT214058, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23225', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.', 'enumeration': 'CVE', 'id': 'CVE-2024-23225', 'reference': 'https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214082, https://support.apple.com/kb/HT214083, https://support.apple.com/kb/HT214084, https://support.apple.com/kb/HT214085, https://support.apple.com/kb/HT214086, https://support.apple.com/kb/HT214087, https://support.apple.com/kb/HT214088, http://seclists.org/fulldisclosure/2024/Mar/18, http://seclists.org/fulldisclosure/2024/Mar/19, http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, http://seclists.org/fulldisclosure/2024/Mar/24, http://seclists.org/fulldisclosure/2024/Mar/25, http://seclists.org/fulldisclosure/2024/Mar/26', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42909', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.277Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42909', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42940', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A session rendering issue was addressed with improved session tracking. This issue is fixed in macOS Sonoma 14.2.1. A user who shares their screen may unintentionally share the incorrect content.', 'enumeration': 'CVE', 'id': 'CVE-2023-42940', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/20, https://support.apple.com/en-us/HT214048', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.7, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42845', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. Photos in the Hidden Photos Album may be viewed without authentication.', 'enumeration': 'CVE', 'id': 'CVE-2023-42845', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42919', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.278Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, macOS Ventura 13.6.3, iOS 16.7.3 and iPadOS 16.7.3, macOS Monterey 12.7.2. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42919', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214034, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038, https://support.apple.com/en-us/HT214041', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23277', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. An attacker in a privileged network position may be able to inject keystrokes by spoofing a keyboard.', 'enumeration': 'CVE', 'id': 'CVE-2024-23277', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214084', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.9, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23275', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to access protected user data.', 'enumeration': 'CVE', 'id': 'CVE-2024-23275', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.7, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23274', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.', 'enumeration': 'CVE', 'id': 'CVE-2024-23274', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23272', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. A user may gain access to protected parts of the file system.', 'enumeration': 'CVE', 'id': 'CVE-2024-23272', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23270', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, tvOS 17.4. An app may be able to execute arbitrary code with kernel privileges.', 'enumeration': 'CVE', 'id': 'CVE-2024-23270', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, http://seclists.org/fulldisclosure/2024/Mar/25, https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085, https://support.apple.com/en-us/HT214086', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23267', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to bypass certain Privacy preferences.', 'enumeration': 'CVE', 'id': 'CVE-2024-23267', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23266', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to modify protected parts of the file system.', 'enumeration': 'CVE', 'id': 'CVE-2024-23266', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42888', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved checks. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. Processing a maliciously crafted image may result in disclosure of process memory.', 'enumeration': 'CVE', 'id': 'CVE-2023-42888', 'reference': 'https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214041, https://support.apple.com/en-us/HT214057, https://support.apple.com/en-us/HT214058, https://support.apple.com/en-us/HT214063, https://support.apple.com/kb/HT214035, https://support.apple.com/kb/HT214036, https://support.apple.com/kb/HT214041, http://seclists.org/fulldisclosure/2024/Jan/34, http://seclists.org/fulldisclosure/2024/Jan/37, http://seclists.org/fulldisclosure/2024/Jan/38', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42887', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.6.4, macOS Sonoma 14.2. An app may be able to read arbitrary files.', 'enumeration': 'CVE', 'id': 'CVE-2023-42887', 'reference': 'https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214058, https://support.apple.com/kb/HT214036, http://seclists.org/fulldisclosure/2024/Jan/37', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-45866', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.', 'enumeration': 'CVE', 'id': 'CVE-2023-45866', 'reference': 'https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/77YQQS5FXPYE6WBBZO3REFIRAUJHERFA/, https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2N2P5LMP3V7IJONALV2KOFL4NUU23CJ/, https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/profiles/input?id=25a471a83e02e1effb15d5a488b3f0085eaeb675, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/9, https://lists.debian.org/debian-lts-announce/2023/12/msg00011.html, https://bluetooth.com, http://changelogs.ubuntu.com/changelogs/pool/main/b/bluez/bluez_5.64-0ubuntu1/changelog, https://github.com/skysafe/reblog/tree/main/cve-2023-45866, https://support.apple.com/kb/HT214035, https://support.apple.com/kb/HT214036, https://security.gentoo.org/glsa/202401-03, https://www.debian.org/security/2023/dsa-5584', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42886', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.271Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. A user may be able to cause unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42886', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42884', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, macOS Ventura 13.6.3, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. An app may be able to disclose kernel memory.', 'enumeration': 'CVE', 'id': 'CVE-2023-42884', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214034, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214038, https://support.apple.com/en-us/HT214040', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42881', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2. Processing a file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42881', 'reference': 'https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23209', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3. Processing web content may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2024-23209', 'reference': 'https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/36', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42874', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.2. Secure text fields may be displayed via the Accessibility Keyboard when using a physical keyboard.', 'enumeration': 'CVE', 'id': 'CVE-2023-42874', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 2.4, 'version': '3.1'}, 'severity': 'Low'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42882', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2. Processing an image may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42882', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036, http://packetstormsecurity.com/files/176536/macOS-AppleVADriver-Out-Of-Bounds-Write.html', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41254', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-41254', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985, https://support.apple.com/kb/HT213988', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42861', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': "A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. An attacker with knowledge of a standard user's credentials can unlock another standard user's locked screen on the same Mac.", 'enumeration': 'CVE', 'id': 'CVE-2023-42861', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42856', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. Processing a file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42856', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-38403', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.', 'enumeration': 'CVE', 'id': 'CVE-2023-38403', 'reference': 'https://github.com/esnet/iperf/issues/1542, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://lists.debian.org/debian-lts-announce/2023/07/msg00025.html, https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BV6EBWWF4PEQKROEVXGYSTIT2MGBTLU7/, https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M25Z5FHTO3XWMGP37JHJ7IIIHSGCLKEV/, https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985, https://bugs.debian.org/1040830, https://cwe.mitre.org/data/definitions/130.html, https://security.netapp.com/advisory/ntap-20230818-0016/, https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.5, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42854', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to cause a denial-of-service to Endpoint Security clients.', 'enumeration': 'CVE', 'id': 'CVE-2023-42854', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42883', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. Processing an image may lead to a denial-of-service.', 'enumeration': 'CVE', 'id': 'CVE-2023-42883', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/6, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/8, http://seclists.org/fulldisclosure/2023/Dec/9, http://www.openwall.com/lists/oss-security/2023/12/18/1, https://www.debian.org/security/2023/dsa-5580, https://support.apple.com/en-us/HT214034, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214039, https://support.apple.com/en-us/HT214040, https://support.apple.com/en-us/HT214041', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42847', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An attacker may be able to access passkeys without authentication.', 'enumeration': 'CVE', 'id': 'CVE-2023-42847', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.5, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41997', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-41997', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213988', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.6, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42894', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': "This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access information about a user's contacts.", 'enumeration': 'CVE', 'id': 'CVE-2023-42894', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23276', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.', 'enumeration': 'CVE', 'id': 'CVE-2024-23276', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42898', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.272Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing an image may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42898', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/12, http://seclists.org/fulldisclosure/2023/Dec/13, http://seclists.org/fulldisclosure/2023/Dec/7, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214035, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214040, https://support.apple.com/en-us/HT214041', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23212', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, macOS Ventura 13.6.4, macOS Monterey 12.7.3. An app may be able to execute arbitrary code with kernel privileges.', 'enumeration': 'CVE', 'id': 'CVE-2024-23212', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214057, https://support.apple.com/en-us/HT214058, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214063, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/34, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/37, http://seclists.org/fulldisclosure/2024/Jan/38, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40, https://support.apple.com/en-us/HT214061', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42932', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to access protected user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42932', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42841', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges.', 'enumeration': 'CVE', 'id': 'CVE-2023-42841', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41977', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved handling of caches. This issue is fixed in macOS Sonoma 14.1, iOS 16.7.2 and iPadOS 16.7.2. Visiting a malicious website may reveal browsing history.', 'enumeration': 'CVE', 'id': 'CVE-2023-41977', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23214', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2024-23214', 'reference': 'https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214061, https://support.apple.com/en-us/HT214063, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/34, http://seclists.org/fulldisclosure/2024/Jan/36', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40408', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Hide My Email may be deactivated unexpectedly.', 'enumeration': 'CVE', 'id': 'CVE-2023-40408', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213988', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2001-0102', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': '"Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password.', 'enumeration': 'CVE', 'id': 'CVE-2001-0102', 'reference': 'http://archives.neohapsis.com/archives/bugtraq/2000-12/0497.html, https://exchange.xforce.ibmcloud.com/vulnerabilities/5830', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.2, 'version': '2.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23206', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user.', 'enumeration': 'CVE', 'id': 'CVE-2024-23206', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214056, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, https://support.apple.com/en-us/HT214063, http://seclists.org/fulldisclosure/2024/Jan/27, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/34, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40, http://www.openwall.com/lists/oss-security/2024/02/05/8, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42852', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.273Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42852', 'reference': 'http://www.openwall.com/lists/oss-security/2023/11/15/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTCZGQPRDAOPP6NK4CIDJKIPMBWD5J7K/, http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/22, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, http://seclists.org/fulldisclosure/2023/Oct/27, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPPMOWFYZODONTA3RLZOKSGNR4DELGG2/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3O7ITSBZDHLBM5OG22K6RZAHRRTGECM/, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213986, https://support.apple.com/en-us/HT213987, https://support.apple.com/en-us/HT213988, https://security.gentoo.org/glsa/202401-33, https://support.apple.com/kb/HT213984, https://www.debian.org/security/2023/dsa-5557', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 8.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40404', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sonoma 14.1. An app may be able to execute arbitrary code with kernel privileges.', 'enumeration': 'CVE', 'id': 'CVE-2023-40404', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40449', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to cause a denial-of-service.', 'enumeration': 'CVE', 'id': 'CVE-2023-40449', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42857', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-42857', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 3.3, 'version': '3.1'}, 'severity': 'Low'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40413', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to read sensitive location information.', 'enumeration': 'CVE', 'id': 'CVE-2023-40413', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985, https://support.apple.com/kb/HT213988', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-4736', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.', 'enumeration': 'CVE', 'id': 'CVE-2023-4736', 'reference': 'https://huntr.dev/bounties/e1ce0995-4df4-4dec-9cd7-3136ac3e8e71, http://seclists.org/fulldisclosure/2023/Oct/24, https://github.com/vim/vim/commit/816fbcc262687b81fc46f82f7bbeb1453addfe0c, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.0'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23268', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges.', 'enumeration': 'CVE', 'id': 'CVE-2024-23268', 'reference': 'http://seclists.org/fulldisclosure/2024/Mar/21, http://seclists.org/fulldisclosure/2024/Mar/22, http://seclists.org/fulldisclosure/2024/Mar/23, https://support.apple.com/en-us/HT214083, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214085', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-1999-0524', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.', 'enumeration': 'CVE', 'id': 'CVE-1999-0524', 'reference': 'http://descriptions.securescout.com/tc/11010, http://descriptions.securescout.com/tc/11011, http://www.osvdb.org/95, https://kc.mcafee.com/corporate/index?page=content&id=SB10053, http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705, http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1434, https://exchange.xforce.ibmcloud.com/vulnerabilities/306, https://exchange.xforce.ibmcloud.com/vulnerabilities/322', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 2.1, 'version': '2.0'}, 'severity': 'Low'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-40423', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An app may be able to execute arbitrary code with kernel privileges.', 'enumeration': 'CVE', 'id': 'CVE-2023-40423', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/21, http://seclists.org/fulldisclosure/2023/Oct/23, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/26, https://support.apple.com/en-us/HT213981, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213983, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213985, https://support.apple.com/kb/HT213981, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213983, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213985', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2024-23223', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2024-23223', 'reference': 'https://support.apple.com/en-us/HT214055, https://support.apple.com/en-us/HT214059, https://support.apple.com/en-us/HT214060, https://support.apple.com/en-us/HT214061, http://seclists.org/fulldisclosure/2024/Jan/33, http://seclists.org/fulldisclosure/2024/Jan/36, http://seclists.org/fulldisclosure/2024/Jan/39, http://seclists.org/fulldisclosure/2024/Jan/40', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.2, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42438', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. Visiting a malicious website may lead to user interface spoofing.', 'enumeration': 'CVE', 'id': 'CVE-2023-42438', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 4.3, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41988', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data.', 'enumeration': 'CVE', 'id': 'CVE-2023-41988', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/19, http://seclists.org/fulldisclosure/2023/Oct/24, http://seclists.org/fulldisclosure/2023/Oct/25, https://support.apple.com/en-us/HT213982, https://support.apple.com/en-us/HT213984, https://support.apple.com/en-us/HT213988, https://support.apple.com/kb/HT213982, https://support.apple.com/kb/HT213984, https://support.apple.com/kb/HT213988', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.8, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42891', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. An app may be able to monitor keystrokes without user permission.', 'enumeration': 'CVE', 'id': 'CVE-2023-42891', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/10, http://seclists.org/fulldisclosure/2023/Dec/11, http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036, https://support.apple.com/en-us/HT214037, https://support.apple.com/en-us/HT214038', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 5.5, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-42904', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Sonoma 14.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.', 'enumeration': 'CVE', 'id': 'CVE-2023-42904', 'reference': 'http://seclists.org/fulldisclosure/2023/Dec/9, https://support.apple.com/en-us/HT214036', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 7.8, 'version': '3.1'}, 'severity': 'High'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} ERROR root:vulnerability_detector.py:315 Error parsing vulnerability: {'_index': 'wazuh-states-vulnerabilities', '_id': 'master_002_macOS_CVE-2023-41989', '_score': 1.989905, '_source': {'@timestamp': '2024-04-04T12:37:07.274Z', 'agent': {'ephemeral_id': 'master', 'id': '002', 'name': 'agent1', 'type': 'wazuh', 'version': 'v4.8.0'}, 'host': {'os': {'full': 'macOS Sonoma', 'kernel': '23.0.0', 'name': 'macOS', 'platform': 'darwin', 'type': 'macos', 'version': '14.0.23A344'}}, 'vulnerability': {'category': 'Packages', 'classification': 'CVSS', 'description': 'The issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1. An attacker may be able to execute arbitrary code as root from the Lock Screen.', 'enumeration': 'CVE', 'id': 'CVE-2023-41989', 'reference': 'http://seclists.org/fulldisclosure/2023/Oct/24, https://support.apple.com/en-us/HT213984, https://support.apple.com/kb/HT213984', 'scanner': {'vendor': 'Wazuh'}, 'score': {'base': 6.8, 'version': '3.1'}, 'severity': 'Medium'}, 'wazuh': {'cluster': {'name': 'wazuh'}, 'manager': {'name': 'ip-172-31-6-78'}, 'schema': {'version': '1.0.0'}}}} | |||||||
| Passed | test_vulnerability_detector/test_vulnerability_detector.py::TestScanSyscollectorCases::test_vulnerability_detector_scans_cases[install_package] | 77.06 | |||||
|
-------------------------------Captured log call-------------------------------- CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:611 Starting scan cases tests CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:612 Case Info: {'tasks': [{'operation': 'install_package', 'target': 'agent', 'check': {'alerts': True, 'state_index': True}, 'package': {'centos': {'amd64': 'openjdk-1.6.0'}, 'ubuntu': {'amd64': 'mysql-5.5.20'}, 'windows': {'amd64': 'node-v17.0.1'}, 'macos': {'amd64': 'http-proxy-0.5.9', 'arm64v8': 'http-proxy-0.5.9'}}}]} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:637 Final Results | |||||||
| Passed | test_vulnerability_detector/test_vulnerability_detector.py::TestScanSyscollectorCases::test_vulnerability_detector_scans_cases[remove_package] | 118.12 | |||||
|
-------------------------------Captured log call-------------------------------- CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:611 Starting scan cases tests CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:612 Case Info: {'tasks': [{'operation': 'remove_package', 'target': 'agent', 'check': {'alerts': True, 'state_index': True}, 'package': {'centos': {'amd64': 'openjdk-1.6.0'}, 'ubuntu': {'amd64': 'mysql-5.5.20'}, 'windows': {'amd64': 'node-v17.0.1'}, 'macos': {'amd64': 'http-proxy-0.5.9', 'arm64v8': 'http-proxy-0.5.9'}}}]} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:637 Final Results | |||||||
| Passed | test_vulnerability_detector/test_vulnerability_detector.py::TestScanSyscollectorCases::test_vulnerability_detector_scans_cases[upgrade_package_remove_vulnerability] | 119.34 | |||||
|
-------------------------------Captured log call-------------------------------- CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:611 Starting scan cases tests CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:612 Case Info: {'tasks': [{'operation': 'update_package', 'target': 'agent', 'check': {'alerts': True, 'state_index': True}, 'package': {'from': {'centos': {'amd64': 'grafana-9.2.0', 'arm64v8': 'grafana-9.2.0'}, 'ubuntu': {'amd64': 'grafana-9.2.0', 'arm64v8': 'grafana-9.2.0'}, 'windows': {'amd64': 'node-v18.1.0'}, 'macos': {'amd64': 'http-proxy-0.5.10', 'arm64v8': 'http-proxy-0.5.10'}}, 'to': {'centos': {'amd64': 'grafana-9.4.17', 'arm64v8': 'grafana-9.4.17'}, 'ubuntu': {'arm64v8': 'grafana-9.4.17', 'amd64': 'grafana-9.4.17'}, 'windows': {'amd64': 'node-v19.5.0'}, 'macos': {'amd64': 'http-proxy-0.7.0', 'arm64v8': 'http-proxy-0.7.0'}}}}]} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:637 Final Results | |||||||
| Passed | test_vulnerability_detector/test_vulnerability_detector.py::TestScanSyscollectorCases::test_vulnerability_detector_scans_cases[upgrade_package_nonvulnerable_to_nonvulnerable] | 237.99 | |||||
|
-------------------------------Captured log call-------------------------------- CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:611 Starting scan cases tests CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:612 Case Info: {'tasks': [{'operation': 'update_package', 'target': 'agent', 'check': {'alerts': True, 'state_index': True}, 'package': {'from': {'centos': {'amd64': 'grafana-9.4.17', 'arm64v8': 'grafana-9.4.17'}, 'ubuntu': {'arm64v8': 'grafana-9.4.17', 'amd64': 'grafana-9.4.17'}, 'windows': {'amd64': 'node-v19.5.0'}, 'macos': {'amd64': 'http-proxy-0.7.0', 'arm64v8': 'http-proxy-0.7.0'}}, 'to': {'centos': {'amd64': 'grafana-9.5.13', 'arm64v8': 'grafana-9.5.13'}, 'ubuntu': {'amd64': 'grafana-9.5.13', 'arm64v8': 'grafana-9.5.13'}, 'windows': {'amd64': 'node-v19.6.0'}, 'macos': {'amd64': 'http-proxy-0.7.2', 'arm64v8': 'http-proxy-0.7.2'}}}}]} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:637 Final Results | |||||||
| Passed | test_vulnerability_detector/test_vulnerability_detector.py::TestScanSyscollectorCases::test_vulnerability_detector_scans_cases[upgrade_package_nonvulnerable_to_vulnerable] | 118.98 | |||||
|
-------------------------------Captured log call-------------------------------- CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:611 Starting scan cases tests CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:612 Case Info: {'tasks': [{'operation': 'update_package', 'target': 'agent', 'check': {'alerts': True, 'state_index': True}, 'package': {'from': {'centos': {'amd64': 'firefox-91.13.0', 'arm64v8': 'grafana-8.5.5'}, 'ubuntu': {'amd64': 'grafana-8.5.5'}, 'windows': {'amd64': 'node-v19.6.0'}, 'macos': {'amd64': 'luxon-2.5.2', 'arm64v8': 'luxon-2.5.2'}}, 'to': {'centos': {'amd64': 'firefox-91.13.0', 'arm64v8': 'grafana-8.5.5'}, 'ubuntu': {'amd64': 'grafana-8.5.5'}, 'windows': {'amd64': 'node-v20.5.1'}, 'macos': {'amd64': 'luxon-3.0.0', 'arm64v8': 'luxon-3.0.0'}}}}]} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:637 Final Results | |||||||
| Passed | test_vulnerability_detector/test_vulnerability_detector.py::TestScanSyscollectorCases::test_vulnerability_detector_scans_cases[install_package_non_vulnerable] | 119.00 | |||||
|
-------------------------------Captured log call-------------------------------- CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:611 Starting scan cases tests CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:612 Case Info: {'tasks': [{'operation': 'install_package', 'target': 'agent', 'check': {'alerts': True, 'state_index': True}, 'package': {'centos': {'amd64': 'grafana-9.5.13', 'arm64v8': 'grafana-9.5.13'}, 'ubuntu': {'amd64': 'grafana-9.5.13', 'arm64v8': 'grafana-9.5.13'}, 'windows': {'amd64': 'node-v19.5.0'}, 'macos': {'amd64': 'http-proxy-0.7.0', 'arm64v8': 'http-proxy-0.7.0'}}}]} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:637 Final Results | |||||||
| Passed | test_vulnerability_detector/test_vulnerability_detector.py::TestScanSyscollectorCases::test_vulnerability_detector_scans_cases[remove_non_vulnerable_packge] | 177.08 | |||||
|
-------------------------------Captured log call-------------------------------- CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:611 Starting scan cases tests CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:612 Case Info: {'tasks': [{'operation': 'remove_package', 'target': 'agent', 'check': {'alerts': True, 'state_index': True}, 'package': {'centos': {'amd64': 'grafana-9.5.13', 'arm64v8': 'grafana-9.5.13'}, 'ubuntu': {'amd64': 'grafana-9.5.13', 'arm64v8': 'grafana-9.5.13'}, 'windows': {'amd64': 'node-v19.5.0'}, 'macos': {'amd64': 'http-proxy-0.7.0', 'arm64v8': 'http-proxy-0.7.0'}}}]} CRITICAL test_vulnerability_detector:test_vulnerability_detector.py:637 Final Results -----------------------------Captured log teardown------------------------------ ERROR test_vulnerability_detector:test_vulnerability_detector.py:204 Truncate managers and agents logs ERROR test_vulnerability_detector:test_vulnerability_detector.py:207 Restoring original configuration ERROR test_vulnerability_detector:test_vulnerability_detector.py:210 Restarting environment | |||||||