Question on CVE-2025-24016 coverage

Hello,

We are using Greenbone docker for vulnerability scanning. Greenbone is updated and the feed status is also current. I can find this CVE under Feeds in NVT.

When I run the Full and fast scan config against the Ubuntu server, this vulnerability is not detected. This CVE is under openSUSE Local Security Checks, and the Full and fast scan config contains these checks. I also set the QoD to 100.
The result of this scan is only one CVE, CVE-1999-0524.
Should I configure anything else?
Thank you.

Best regards,
Vlad

CVE-2025-24016 is about “Wazuh Server”, which is only part of the commercial Enterprise Feed, so it is expected (if the community feed is used) that the vulnerability isn’t found.

But it seems the “openSUSE Local Security Checks” (see e.g. here: https://secinfo.greenbone.net/nvt/1.3.6.1.4.1.25623.1.1.18.1.2025.14889.19) is wrongly attributed to that CVE. I will give the responsible team a ping to see if this can be removed.

3 Likes

Hi Vlad,

About the QoD: Setting the QoD to 100 will only show found vulnerabilities with a score of 100, which is only used in completely reliable active checks. So in general you want to lower the QoD (either the default, or even lower if you also want to see false-positive-prone results).

Wazuh checks (which affects CVE-2025-24016) are only available in the Greenbone Enterprise Feed.

Hope this helps,
Christian

2 Likes