wazuh · juliamagan · May 22, 2024 · May 13, 2024 · May 13, 2024 · May 13, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -62,6 +62,7 @@ All notable changes to this project will be documented in this file.
 
 ### Fixed
 
+- Remove false positive from E2E Vulnerability Detection tests ([#5369](https:/wazuh/wazuh-qa/pull/5369)) \- (Framework)
 - Fix multigroups guess system test ([#5396](https:/wazuh/wazuh-qa/pull/5396)) \- (Tests)
 - Fix hotfixes syscollector agent simulator messages ([#5379](https:/wazuh/wazuh-qa/pull/5379)) \- (Framework)
 - Fix restart agent in change manager Vulnerability Detector E2E test case ([#5355](https:/wazuh/wazuh-qa/pull/5355)) \- (Tests)

diff --git a/...wazuh_testing/wazuh_testing/end_to_end/vulnerability_detector_packages/vuln_packages.json b/...wazuh_testing/wazuh_testing/end_to_end/vulnerability_detector_packages/vuln_packages.json
@@ -31,8 +31,7 @@
  "CVE-2022-31097",
  "CVE-2022-23552",
  "CVE-2022-23498",
- "CVE-2023-3128",
- "CVE-2023-4822"
+ "CVE-2023-3128"
  ],
  "urls": {
  "ubuntu": {
@@ -63,8 +62,7 @@
  "CVE-2022-31097",
  "CVE-2022-23552",
  "CVE-2022-23498",
- "CVE-2023-3128",
- "CVE-2023-4822"
+ "CVE-2023-3128"
  ],
  "urls": {
  "centos": {
@@ -95,7 +93,7 @@
  "CVE-2022-31097",
  "CVE-2022-23552",
  "CVE-2022-23498",
- "CVE-2023-4822"
+ "CVE-2023-3128"
  ],
  "urls": {
  "ubuntu": {
@@ -126,7 +124,7 @@
  "CVE-2022-31097",
  "CVE-2022-23552",
  "CVE-2022-23498",
- "CVE-2023-4822"
+ "CVE-2023-3128"
  ],
  "urls": {
  "centos": {
@@ -136,6 +134,30 @@
  },
  "uninstall_name": "grafana*"
  },
+ "grafana-8.5.27": {
+ "package_name": "grafana",
+ "package_version": "8.5.27",
+ "CVE": [],
+ "urls": {
+ "ubuntu": {
+ "amd64": "https://dl.grafana.com/oss/release/grafana_8.5.27_amd64.deb",
+ "arm64v8": "https://dl.grafana.com/oss/release/grafana_8.5.27_arm64.deb"
+ }
+ },
+ "uninstall_name": "grafana*"
+ },
+ "grafana-8.5.27-1": {
+ "package_name": "grafana",
+ "package_version": "8.5.27-1",
+ "CVE": [],
+ "urls": {
+ "centos": {
+ "amd64": "https://dl.grafana.com/oss/release/grafana-8.5.27-1.x86_64.rpm",
+ "arm64v8": "https://dl.grafana.com/oss/release/grafana-8.5.27-1.aarch64.rpm"
+ }
+ },
+ "uninstall_name": "grafana*"
+ },
  "grafana-9.1.1": {
  "package_name": "grafana",
  "package_version": "9.1.1",
@@ -152,8 +174,7 @@
  "CVE-2022-31130",
  "CVE-2022-31123",
  "CVE-2022-23552",
- "CVE-2022-23498",
- "CVE-2023-4822"
+ "CVE-2022-23498"
  ],
  "urls": {
  "ubuntu": {
@@ -179,8 +200,7 @@
  "CVE-2022-31130",
  "CVE-2022-31123",
  "CVE-2022-23552",
- "CVE-2022-23498",
- "CVE-2023-4822"
+ "CVE-2022-23498"
  ],
  "urls": {
  "centos": {
@@ -206,8 +226,7 @@
  "CVE-2022-39307",
  "CVE-2022-39306",
  "CVE-2022-23552",
- "CVE-2022-23498",
- "CVE-2023-4822"
+ "CVE-2022-23498"
  ],
  "urls": {
  "ubuntu": {
@@ -233,8 +252,7 @@
  "CVE-2022-39307",
  "CVE-2022-39306",
  "CVE-2022-23552",
- "CVE-2022-23498",
- "CVE-2023-4822"
+ "CVE-2022-23498"
  ],
  "urls": {
  "centos": {
@@ -292,26 +310,26 @@
  },
  "uninstall_name": "grafana*"
  },
- "grafana-10.0.0": {
+ "grafana-9.5.17": {
  "package_name": "grafana",
- "package_version": "10.0.0",
- "CVE": ["CVE-2023-4822", "CVE-2023-4399", "CVE-2023-4822"],
+ "package_version": "9.5.17",
+ "CVE": [],
  "urls": {
  "ubuntu": {
- "amd64": "https://dl.grafana.com/oss/release/grafana_10.0.0_amd64.deb",
- "arm64v8": "https://dl.grafana.com/oss/release/grafana_10.0.0_arm64.deb"
+ "amd64": "https://dl.grafana.com/oss/release/grafana_9.5.17_amd64.deb",
+ "arm64v8": "https://dl.grafana.com/oss/release/grafana_9.5.17_arm64.deb"
  }
  },
  "uninstall_name": "grafana*"
  },
- "grafana-10.0.0-1": {
+ "grafana-9.5.17-1": {
  "package_name": "grafana",
- "package_version": "10.0.0-1",
- "CVE": ["CVE-2023-4822", "CVE-2023-4399", "CVE-2023-4822"],
+ "package_version": "9.5.17-1",
+ "CVE": [],
  "urls": {
  "centos": {
- "amd64": "https://dl.grafana.com/oss/release/grafana-10.0.0-1.x86_64.rpm",
- "arm64v8": "https://dl.grafana.com/oss/release/grafana-10.0.0-1.aarch64.rpm"
+ "amd64": "https://dl.grafana.com/oss/release/grafana-9.5.17-1.x86_64.rpm",
+ "arm64v8": "https://dl.grafana.com/oss/release/grafana-9.5.17-1.aarch64.rpm"
  }
  },
  "uninstall_name": "grafana*"

diff --git a/tests/end_to_end/test_vulnerability_detector/cases/test_vulnerability.yaml b/tests/end_to_end/test_vulnerability_detector/cases/test_vulnerability.yaml
@@ -44,6 +44,7 @@
  Upgrade of a vulnerable package which maintain vulnerability
  preconditions:
  operation: install_package
+ target_os: ['centos', 'ubuntu', 'windows', 'macos']
  package:
  centos:
  amd64: grafana-8.5.5-1
@@ -89,6 +90,7 @@
  description: |
  Upgrade of a vulnerable package which include a new vulnerability
  preconditions:
+ target_os: ['macos']
  operation: install_package
  package:
  macos:
@@ -128,6 +130,7 @@
  Upgrade of a vulnerable package which maintain vulnerabilities
  and include new ones
  preconditions:
+ target_os: ["macos"]
  operation: install_package
  package:
  macos:
@@ -224,53 +227,71 @@
  macos:
  amd64: http-proxy-0.7.2
  arm64v8: http-proxy-0.7.2
+ teardown:
+ target_os: ['centos', 'ubuntu']
+ operation: remove_package
+ package:
+ centos:
+ amd64: grafana-9.5.13-1
+ arm64v8: grafana-9.5.13-1
+ ubuntu:
+ amd64: grafana-9.5.13
+ arm64v8: grafana-9.5.13
 
 - case: 'Upgrade: Non vulnerable to vulnerable package'
  id: upgrade_package_nonvulnerable_to_vulnerable
  description: |
  Upgrade to non vulnerable package to vulnerable
  preconditions:
+ target_os: ['centos', 'ubuntu', 'macos']
  operation: install_package
  package:
  macos:
  amd64: luxon-2.5.2
  arm64v8: luxon-2.5.2
+ centos:
+ amd64: grafana-8.5.27-1
+ arm64v8: grafana-8.5.27-1
+ ubuntu:
+ amd64: grafana-8.5.27
+ arm64v8: grafana-8.5.27
  body:
  operation: update_package
  package:
  from:
  centos:
- amd64: grafana-9.5.13-1
- arm64v8: grafana-9.5.13-1
+ amd64: grafana-8.5.27-1
+ arm64v8: grafana-8.5.27-1
  ubuntu:
- amd64: grafana-9.5.13
- arm64v8: grafana-9.5.13
+ amd64: grafana-8.5.27
+ arm64v8: grafana-8.5.27
  windows:
  amd64: node-v18.20.2
  macos:
  amd64: luxon-2.5.2
  arm64v8: luxon-2.5.2
  to:
  centos:
- amd64: grafana-10.0.0-1
- arm64v8: grafana-10.0.0-1
+ amd64: grafana-9.1.1-1
+ arm64v8: grafana-9.1.1-1
  ubuntu:
- amd64: grafana-10.0.0
- arm64v8: grafana-10.0.0
+ amd64: grafana-9.1.1
+ arm64v8: grafana-9.1.1
  windows:
  amd64: node-v20.5.1
  macos:
  amd64: luxon-3.0.0
  arm64v8: luxon-3.0.0
  teardown:
  operation: remove_package
+ target_os: ['centos', 'ubuntu', 'macos', 'windows']
  package:
  centos:
- amd64: grafana-10.0.0-1
- arm64v8: grafana-10.0.0-1
+ amd64: grafana-9.1.1-1
+ arm64v8: grafana-9.1.1-1
  ubuntu:
- amd64: grafana-10.0.0
- arm64v8: grafana-10.0.0
+ amd64: grafana-9.1.1
+ arm64v8: grafana-9.1.1
  windows:
  amd64: node-v20.5.1
  macos:
@@ -285,11 +306,11 @@
  operation: install_package
  package:
  centos:
- amd64: grafana-9.5.13-1
- arm64v8: grafana-9.5.13-1
+ amd64: grafana-9.5.17-1
+ arm64v8: grafana-9.5.17-1
  ubuntu:
- amd64: grafana-9.5.13
- arm64v8: grafana-9.5.13
+ amd64: grafana-9.5.17
+ arm64v8: grafana-9.5.17
  windows:
  amd64: node-v18.20.0
  macos:
@@ -304,11 +325,11 @@
  operation: remove_package
  package:
  centos:
- amd64: grafana-9.5.13-1
- arm64v8: grafana-9.5.13-1
+ amd64: grafana-9.5.17-1
+ arm64v8: grafana-9.5.17-1
  ubuntu:
- amd64: grafana-9.5.13
- arm64v8: grafana-9.5.13
+ amd64: grafana-9.5.17
+ arm64v8: grafana-9.5.17
  windows:
  amd64: node-v18.20.0
  macos:

diff --git a/tests/end_to_end/test_vulnerability_detector/conftest.py b/tests/end_to_end/test_vulnerability_detector/conftest.py
@@ -307,9 +307,7 @@ def setup(preconditions, teardown, host_manager) -> Generator[Dict, None, None]:
  target_to_ignore = list(set(host_manager.get_group_hosts('agent')) - set(agents_to_check))
 
  result = launch_parallel_operations(preconditions, host_manager, target_to_ignore)
- logging.info(f"Preconditions finished. Results: {result}")
-
- logging.info(f"Result of preconditions: {result}")
+ logging.critical(f"Preconditions finished. Results: {result}")
 
  test_timestamp = datetime.datetime.now(datetime.timezone.utc)
  test_timestamp = test_timestamp.strftime("%Y-%m-%dT%H:%M:%S")
@@ -343,7 +341,21 @@ def setup(preconditions, teardown, host_manager) -> Generator[Dict, None, None]:
  logging.info("Running teardown")
 
  if teardown:
- result = launch_parallel_operations(teardown, host_manager)
+ target_to_ignore = []
+ agents_to_check = host_manager.get_group_hosts("agent")
+
+ if 'target_os' in teardown:
+ agents_to_check = filter_hosts_by_os(host_manager, teardown['target_os'])
+ target_to_ignore = list(set(host_manager.get_group_hosts('agent')) - set(agents_to_check))
+
+ logging.critical(f"Running teardown for agent: {agents_to_check}")
+
+ result = launch_parallel_operations(teardown, host_manager, target_to_ignore)
+ logging.critical(f"Teardown Results: {result}")
+
+ timeout_syscollector_scan = VD_E2E_TIMEOUT_SYSCOLLECTOR_SCAN
+ timeout_vulnerabilities_detected = len(agents_to_check) * PACKAGE_VULNERABILITY_SCAN_TIME
+ time.sleep(timeout_syscollector_scan + timeout_vulnerabilities_detected)
 
 
 @pytest.fixture(scope='session', autouse=True)