CVE Dashboard available

Hi Nick, first of all, do use the latest version 1.6.0.0 which will ensure importing 2017 vulnerabilities.
https://leewei.com/bigfix/prod/cve/bigfix_cve_util.exe

For the 503 error, it is referring to the connection to the BigFix Servers, and the only symptoms I have seen so far have been Web Reports getting into some issues.

@leewei,
I can confirm that the 1.3.0.0 version of bigfix_cve_util.exe does not download/import the 2017 vulnerabilities. bigfix_cve_util.exe 1.6.0.0 resolved that problem. Will the new version be posted to the IBM X-Force Exchange site?
Thanks for your work on this.

@gregd7 the X-Force Exchange site won’t change for a while.
Please use the direct URL link which will always contain the latest.

What is required to give a non-master operator access to the CVE dashboard? My CVE dashboard is in a custom site. Non-Master Operators cannot see it despite having Reader or Writer permissions to the CVE site.

@leewei, @aghosh,
I have the same problem as aghosh, where I don’t see any computers in the “Show Computers” page. I am also on BigFix 9.5.3.211. I do not get any errors in the log file when running bigfix_cve_util. In my case, I have a custom site for the CVE dashboard that does not have any subscribed computers. I tried loading the dashboard in Debug mode as well and I still do not see any computers in the Show Computers page.

@aghosh - have you found a solution to this problem?

@gregd7 @leewei

No, I did not get any errors on mine either and no I haven’t found a solution to this issue.

Hello,
When I am running the bigfix_cve_util.exe util I got this error message:

  E:\Sources\CVEDashboard\CVEDashboard\importer>bigfix_cve_util.exe -username=user
  Enter your password: **********
  Running bigfix_cve_util version: 1.6.0.0
  Connected to BigFix Server successfully
  Downloading GZ file: http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-2017.xml.gz
  Error: The remote server returned an error: (407) Proxy Authentication Required.

Any ideas how to solve this issue?
Thanks

@aghosh and @gregd7, there are 2 parts to the permission.
When we run bigfix_cve_util.exe, we should run it as a Master Operator because it will iterate all the CVEs looking for Fixlets to correlate. So if the user does not have access to certain sites, it will not produce the optimum results.

The data processed is stored in BigFix as “dashboard variables”.
If you run the following Session Relevance statement, you can see if the operator has visibility of the variable keeping the computer information.

  values of variables whose (name of it = "CVEComputers") of bes wizards whose (name of it = "CVEs")

@eyalr, the utility is not trained to use the proxy it seems.
You can get around that by manually downloading the gz files by year.
https://nvd.nist.gov/vuln/data-feeds

Put them in the same directory as the bigfix_cve_util and the util will pick them up from your directory instead of trying to download from the NVD website.

Hello
I have a new issue with the CVE Dashboard.
It worked well until a few days ago and now I just see Apple Source vulnerabilities.
Can I reset all information and load it again? Or do something else to get all the information again?

Thanks in advance
Eyal

Hello @eyalr, you can re-run the bigfix_cve_util program again to reload the data.
The latest package is at the top of the thread, and currently version 1.6.
Please let me know if there are any issues.

Lee Wei

Hi Lee…I love what you created here so I added a nice JavaScript amchart to the data.

The only problem that I’m running into…is I cannot get the vulnerable computers field from your grid based view. I am trying to load this data into a JSON object that I use later:

  // FWH: Json provider
  jsonOneRow += ' {"cveid": "' + cveNo + '", "totalcomputers": '+ subcribedComputers +', "cveSource": "'+ source +'", "numfixlets": "'+ numFixlets +'", "sourceSize": 25, "vulnerablecomputers":'+ XXXXX +', "cvssscore": '+ score +' },';

The XXXXX vulnerablecomputers field…where is that defined in your javascript? I see this

  var rel = '(td "align=right" of (it as string) of number of elements of it & td "align=right" of (it as string) of sum of applicable computer counts of elements of it) of sets of bes fixlets whose (cve id list of it contains "' + cveNo + '")';

But then not sure where you plugged in the javascript variable.

Thanks for the cool projects that you build and share with the community!

Frank


@fhansen Frank, I wanted to acknowledge seeing your post, but don’t currently have access to a test system to check this out for you. I hope soon.

@fhansen, looks like “Vulnerable Computers” is just “numComputers”.

Lee Wei

Got it now…Thanks again.

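The row from the post above rebuilt with JSON.stringify, with vulnerablecomputers taken from numComputers as answered; hand-concatenated JSON breaks, or lets a value add keys of its own, as soon as a source name contains a quote. This is an added example, not part of the thread or of the dashboard's source; buildCveRows, toNumber and the sample rows are constructed for illustration.

```javascript
// Added example (not from the dashboard source). buildCveRows and toNumber are
// hypothetical helper names; the field names follow the row shown in the post.

// Relevance results arrive as strings: coerce them and reject non-numeric values
// instead of pasting them into the JSON text unchecked.
function toNumber(value, field) {
  const n = Number(value);
  if (value == null || String(value).trim() === '' || !Number.isFinite(n)) {
    throw new TypeError(field + ' is not numeric: ' + JSON.stringify(value));
  }
  return n;
}

// Build plain objects and serialize once; JSON.stringify handles all quoting
// and there is no trailing comma to trim afterwards.
function buildCveRows(rows) {
  const provider = rows.map(function (r) {
    return {
      cveid: String(r.cveNo),
      totalcomputers: toNumber(r.subcribedComputers, 'totalcomputers'),
      cveSource: String(r.source),
      numfixlets: String(r.numFixlets), // the post emits this field as a string
      sourceSize: 25,
      vulnerablecomputers: toNumber(r.numComputers, 'vulnerablecomputers'),
      cvssscore: toNumber(r.score, 'cvssscore')
    };
  });
  return JSON.stringify(provider);
}

// Constructed sample rows; the second source contains a quote and a backslash.
const sampleRows = [
  { cveNo: 'CVE-0000-0001', subcribedComputers: '120', source: 'Vendor A',
    numFixlets: '3', numComputers: '17', score: '7.5' },
  { cveNo: 'CVE-0000-0002', subcribedComputers: '120', source: 'Vendor "B" \\ C',
    numFixlets: '1', numComputers: '0', score: '9.8' }
];

// Round-trips cleanly, so the chart receives exactly the values that were read.
const chartData = JSON.parse(buildCveRows(sampleRows));
```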

Hello All,

I just downloaded and installed this dashboard and I really like it.
The only question I have is, how could I modify it to show a specific computer group and CVEs?

I see an option to select a computer group when I click on show computer but not on the main screen.

The reason for asking is because we are an MSP and have several customers in our environment, it would be helpful to be able to filter on a specific customer or computer group.


@Mojea, Good idea and it makes sense, but the dashboard does not currently do that. We are not able to filter by computer group within the dashboard.


Thanks @leewei for such a quick reply!!! I really appreciate you taking the time to respond.

I am relatively new to BigFix, could you provide some basic guidance on how I could add that feature?
I.e. what tools are required to edit the dashboard, skills required to program it, etc…

Also is there any way to make this a scheduled report? Or import a report based on this info?

@Mojea, The dashboard is written in HTML, JavaScript with the BigFix Session Relevance language. So knowledge of all 3 will be useful. This is not trivial, so I would try to find someone with prior experience.
By the way, the dashboard is distributed as source code, and the entry point is the CVEs.ojo file.
If you follow that file, you will see all the source.

Scheduling is very different because it is done from Web Reports and not the Console.


Hello @leewei

Can this dashboard be available as a report on the BigFix Web Reports UI? Is it available?

Thanks!