AWS Inspector not updating Finding status to CLOSED


Hi,

We are running into an issue where we have applied all the fixes for Findings reported by the AWS Inspector, but the Inspector Dashboard still reports them as Active instead of Closed. Interestingly, all the Findings related to Kernel updates are closed. Only Findings related to user packages installed via yum are not marked as Closed.

For example, one of the Findings is "CVE-2023-44487 - libnghttp2", which asks to update libnghttp2 to at least 0:1.41.0-1.amzn2.0.4. We did the fix on the EC2 instance two days ago, but this is still marked as Active in the Inspector Dashboard.

Here's the screenshot of the Finding in the Inspector: [image]

And here's the output of yum list libnghttp2: [image]

1 Answer

Hi, did you make sure the SSM agent is up to date and active?

Ravid_G (AWS Support Engineer), answered 6 months ago
  • Yes, it is already updated to the latest version 3.2.1705.0 and active. I have run Baseline scans multiple times, and it doesn't find any issues. Only the AWS Inspector is not updating.
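
When a package finding stays Active after patching, a useful first check is whether the installed package really sorts at or above the fixed-in version under rpm's epoch:version-release ordering, which is not a plain string comparison. The following is an added example, not part of the original question or answer: a Python reimplementation of that ordering (caret handling omitted), with the fixed-in version taken from the finding above and the installed versions constructed as samples.

```python
import re

FIXED_IN = "0:1.41.0-1.amzn2.0.4"  # fixed-in version quoted in the finding

def _segments(s):
    # rpm compares maximal runs of digits or letters; other characters only separate.
    return re.findall(r"[0-9]+|[A-Za-z]+|~", s)

def rpmvercmp(a, b):
    """Return -1, 0 or 1 using rpm's segment ordering (caret '^' is not handled)."""
    sa, sb = _segments(a), _segments(b)
    for i in range(max(len(sa), len(sb))):
        x = sa[i] if i < len(sa) else None
        y = sb[i] if i < len(sb) else None
        if x == "~" or y == "~":          # a tilde sorts before anything, even the end
            if x == y:
                continue
            return -1 if x == "~" else 1
        if x is None or y is None:        # the string with segments left over is newer
            return -1 if x is None else 1
        if x.isdigit() != y.isdigit():    # a numeric segment beats an alphabetic one
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = int(x), int(y)         # numeric compare, so 10 > 4
        if x != y:
            return 1 if x > y else -1
    return 0

def parse_evr(evr):
    """Split '[epoch:]version[-release]'; a missing epoch counts as 0."""
    epoch, sep, rest = evr.partition(":")
    if not sep:
        epoch, rest = "0", evr
    version, release = rest.rsplit("-", 1) if "-" in rest else (rest, "")
    return int(epoch), version, release

def is_remediated(installed, fixed=FIXED_IN):
    """True when the installed EVR is at least the fixed-in EVR."""
    (e1, v1, r1), (e2, v2, r2) = parse_evr(installed), parse_evr(fixed)
    if e1 != e2:
        return e1 > e2
    return (rpmvercmp(v1, v2) or rpmvercmp(r1, r2)) >= 0

if __name__ == "__main__":
    # Constructed sample values, e.g. from: rpm -q --qf '%{EPOCHNUM}:%{VERSION}-%{RELEASE}\n' libnghttp2
    for installed in ("1.41.0-1.amzn2.0.1", "0:1.41.0-1.amzn2.0.4", "1.41.0-1.amzn2.0.10"):
        print(installed, "->", "fixed" if is_remediated(installed) else "still vulnerable")
```

If the installed version compares as fixed here, the package itself is not the problem and the stale status lies in how the scanner's view of the instance is being refreshed.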
