Impact
At least one organization experienced issues with Machine reports. The issue started on UTC-5 24-01-04 17:41 and was reactively discovered 6.9 days (TTD) later by a customer who noticed the absence of vulnerabilities that were previously present [1]. The problem was resolved in 6.9 days (TTF), resulting in a total impact of 13.9 days (TTR) [2].
Cause
When processing Machine reports, similar reports from the same group were not being recognized. This resulted in a report marked as SAFE being moved to the wrong section. The problem originated while attempting to address some issues related to updates and changes in specific vulnerabilities [3].
Solution
The team implemented necessary validations to prevent the comparison of machine reports from different roots. Additionally, the code that allowed changing the root in a report was removed [4].
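An added example of the validation described above, not code from the project: the field names, the `VULNERABLE` state, the matching key and the sample reports are assumptions made for illustration. It contrasts matching that ignores the root with matching scoped to the root, and its assertions are the kind of functional test case this scenario needs.

```python
from dataclasses import dataclass, replace

# Hypothetical model of a machine report; field names are assumptions.
@dataclass(frozen=True)
class Report:
    root: str      # root (repository) the scan ran against
    where: str     # file path of the finding
    specific: str  # line number of the finding
    state: str     # "VULNERABLE" or "SAFE"

def match_key(report, scoped):
    # Scoped matching includes the root, so reports from different
    # roots can never be compared with each other.
    if scoped:
        return (report.root, report.where, report.specific)
    return (report.where, report.specific)

def reconcile(stored, incoming, scoped=True):
    """Apply incoming machine reports to the stored ones.

    scoped=False reproduces the failure mode: a report from another
    root matches the stored one and overwrites its root.
    """
    by_key = {match_key(r, scoped): r for r in stored}
    for new in incoming:
        key = match_key(new, scoped)
        old = by_key.get(key)
        if old is None:
            by_key[key] = new
        elif scoped:
            by_key[key] = replace(old, state=new.state)  # root is never rewritten
        else:
            by_key[key] = replace(old, state=new.state, root=new.root)
    return sorted(by_key.values(), key=lambda r: (r.root, r.where, r.specific))

# Constructed sample data: same path and line in two different roots.
STORED = [Report("backend", "src/app.py", "10", "VULNERABLE")]
INCOMING = [Report("frontend", "src/app.py", "10", "SAFE")]

if __name__ == "__main__":
    for scoped in (False, True):
        print("scoped" if scoped else "unscoped", reconcile(STORED, INCOMING, scoped))
```

With unscoped matching the open `backend` finding disappears and only a SAFE `frontend` entry remains; with scoped matching both records are kept under their own roots.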
Conclusion
There was an incomplete perspective of the code when introducing the change that caused the incident. To prevent this from happening again, functional tests covering this case will be added [5]. This will ensure a more comprehensive testing process and help detect potential issues related to the identified problem.
MISSING_TEST < INCOMPLETE_PERSPECTIVE