** Note that this is a public ticket, please refrain from adding any sensitive data. **

Description of Problem

The customer is reporting that multiple CVEs are not correctly recognized, in specific, in the Hybrid Cloud Console -> Vulnerability Dashboard → CVEs, it shows No matching clusters found, while they do have an OpenShift cluster that should be affected by those CVEs.

The details are as follows: The customer has an OpenShift 4.13.9 cluster, however, the following 6 CVEs are fixed after 4.13.9 but not recognized as CVEs that affect their cluster. Please see also the screenshots in the attached Excel file.

CVE-2022-41723

https://access.redhat.com/security/cve/CVE-2022-41723

CVE-2023-29406

https://access.redhat.com/security/cve/CVE-2023-29406

CVE-2023-3777

https://access.redhat.com/security/cve/CVE-2023-3777

CVE-2023-3978

https://access.redhat.com/security/cve/CVE-2023-3978

CVE-2023-4015

https://access.redhat.com/security/cve/CVE-2023-4015

CVE-2023-6679

https://access.redhat.com/security/cve/CVE-2023-6679

Please feel free to let me know if there is anything else necessary from me or the customer. Thank you!

How reproducible

Always

Steps to Reproduce

1. [Step 1]
2. [Step 2]
3. [Step 3]

Actual Behavior

[Describe the issue in detail, including what is happening and where]

Expected Behavior

[Describe what should be happening instead]

Business Impact / Additional info