CVE Dashboard available

leewei 2017-06-13 16:09:45 UTC #41

Hi Nick, first of all, do use the latest version 1.6.0.0 which will ensure importing 2017 vulnerabilities.
https://leewei.com/bigfix/prod/cve/bigfix_cve_util.exe

For the 503 error, it is referring to connection to the BigFix Servers, and the only symptoms I have seen so far has been Web Reports getting into some issues.

gregd7 2017-06-20 15:12:33 UTC #42

@leewei,
I can confirm that the 1.3.0.0 version of bigfix_cve_util.exe does not download/import the 2017 vulnerabilities. bigfix_cve_util.exe 1.6.0.0 resolved that problem. Will the new version be posted to the IBM X-Force Exchange site?
Thanks for your work on this.

leewei 2017-06-20 23:14:08 UTC #43

@gregd7 the X-Force Exchange site won’t change for a while.
Please use the direct URL link which will always contain the latest.

gregd7 2017-06-21 16:39:26 UTC #45

What is required to give a non-master operator access to the CVE dashboard? My CVE dashboard is in a custom site. Non-Master Operators cannot see it despite having Reader or Writer permissions to the CVE site.

gregd7 2017-06-21 19:49:29 UTC #46

@leewei, @aghosh,
I have the same problem as aghosh, where I don’t see any computers in the “Show Computers” page. I am also on BigFix 9.5.3.211. I do not get any errors in the log file when running bigfix_cve_util. In my case, I have a custom site for the CVE dashboard that does not have any subscribed computers. I tried loading the dashboard in Debug mode as well and I still do not see any computers in the Show Computers page.

@aghosh - have you found a solution to this problem?

aghosh 2017-06-21 20:27:55 UTC #47

@gregd7 @leewei

No, I did not get any errors on mine either and no I haven’t found a solution to this issue.

eyalr 2017-06-27 06:50:50 UTC #48

hello
when i am running the bigfix_cve_util.exe util i got this error message :
E:\Sources\CVEDashboard\CVEDashboard\importer>bigfix_cve_util.exe -username=user
Enter your password: **********
Running bigfix_cve_util version: 1.6.0.0
Connected to BigFix Server successfully
Downloading GZ file: http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-2017.xm
l.gz
Error: The remote server returned an error: (407) Proxy Authentication Required.
Any Ideas how to solve this issue ?
Thanks

leewei 2017-06-27 17:55:53 UTC #49

@aghosh and @gregd7, there are 2 parts to the permission.
When we run bigfix_cve_util.exe, we should run it as a Master Operator because it will iterate all the CVEs looking for Fixlets to correlate. So if the user does not have access to certain sites, it will not produce the optimum results.

The data processed is stored in BigFix as “dashboard variables”.
If you run the following Session Relevance statement, you can see if the operator has visibility of the variable keeping the computer information.

values of variables whose (name of it = "CVEComputers") of bes wizards whose (name of it = "CVEs")

leewei 2017-06-27 17:58:15 UTC #50

@eyalr, the utility is not trained to use the proxy it seems.
You can get around that by manually downloading the gz files by year.
https://nvd.nist.gov/vuln/data-feeds

Put them in the same directory as the bigfix_cve_util and the util will pick them up from your directory instead of trying to download from the NVD website.

eyalr 2017-07-25 12:13:59 UTC #51

Hello
I have new issue with CVE Dashborad.
It works well till few days ago and now I just see Apple Source vulnerabilities.
Can i reset all information and load it again ? Or do something else for getting again all information ?

Thanks in Advanced
Eyal

leewei 2017-07-25 14:41:06 UTC #52

Hello @eyalr, you can re-run the bigfix_cve_util program again to reload the data.
The latest package is at the top of the thread, and currently version 1.6.
Please let me know if there are any issues.

Lee Wei

fhansen 2017-07-31 13:37:10 UTC #53

Hi Lee…I love what you created here so I added a nice javascript amchart to the data.

The only problem that I’m running into…is I cannot get the vulnerable computers field from your grid based view. I am trying to load this data into a json object that I use later:

  // FWH: Json provider
  jsonOneRow += ' {"cveid": "' + cveNo + '", "totalcomputers": '+ subcribedComputers +', "cveSource": "'+ source +'", "numfixlets": "'+ numFixlets +'", "sourceSize": 25, "vulnerablecomputers":'+ XXXXX +', "cvssscore": '+ score +' },';

The XXXXX vulnerablecomputers field…where is that defined in your javascript? I see this

  var rel = '(td "align=right" of (it as string) of number of elements of it & td "align=right" of (it as string) of sum of applicable computer counts of elements of it) of sets of bes fixlets whose (cve id list of it contains "' + cveNo + '")';

But then not sure where you plugged in the javascript variable.

Thanks for the cool projects that you build and share with the community!

Frank

leewei 2017-08-02 04:16:59 UTC #54

@fhansen Frank, I wanted to acknowledge seeing your post, but don’t currently have access to a test system to check this out for you. I hope soon.

leewei 2017-08-03 20:22:33 UTC #55

@fhansen, looks like “Vulnerable Computers” is just “numComputers”.

Lee Wei

fhansen 2017-08-08 14:43:22 UTC #56

Got it now…Thanks again.

Mojea 2017-08-17 18:41:36 UTC #57

Hello All,

I just downloaded and installed this dashboard and I really like it.
The only question I have is, how could I modify it to show a specific computer group and CVEs?

I see an option to select a computer group when I click on show computer but not on the main screen.

The reason for asking is because we are are an MSP and have several customers in our environment, it would be helpful to be able to filter on a specific customer or computer group.

leewei 2017-08-17 19:39:05 UTC #58

@Mojea, Good idea and it makes sense, but the dashboard does not currently do that. We are not able to filter by computer group within the dashboard.

Mojea 2017-08-17 20:44:48 UTC #59

Thanks @leewei for such a quick reply!!! I really appreciate you taking the time to respond.

I am relatively new to Bigfix, could you provide some basic guidance on how I could add that feature?
IE what tools are required to edit the dashboard, skills required to program it, etc…

Also is there anyway to make this a scheduled report? or import a report based on this info?

leewei 2017-08-18 15:12:15 UTC #60

@Mojea, The dashboard is written in HTML, JavaScript with the BigFix Session Relevance language. So knowledge of all 3 will be useful. This is not trivial, so I would try to find someone with prior experience.
By the way, the dashboard is distributed as source code, and the entry point is CVEs.ojo file.
If you follow that file, you will see all the source.

Scheduling is very different because it is done from Web Reports and not the Console.

BF_dev 2017-08-18 16:04:46 UTC #61

Hello @leewei

Can this dashboard be available as report on BigFix webreports UI, is it available ?

Thanks !