CVE Dashboard available

eyalr 2019-08-08 06:10:19 UTC #83

HI
I run import today and got this error:

I saw also in BESRelay.log file this error:
/api/dashboardvariables/CVEs.ojo (9608) - XML parsing error: invalid byte ‘?’ at position 2 of a 2-byte sequence Line 1, Character 245761

Any suggestions ?

Thanks

leewei 2019-08-13 00:23:02 UTC #84

@eyalr I tried the import for year 2019 and it imported OK.
Where you get the error is indeed when the util is trying to POST to your server using the /api/dashboardvariables/CVEs.ojo resource.

I tried with version 9.5.5.193 of the BigFix Server on Windows and in English.

Is this something that had worked before, or is this the first try?

leewei 2019-08-13 00:24:28 UTC #85

@Pete_F does this error happen everytime here? Where the code is running, it is all the NVD website, and no BigFix yet.

leewei 2019-08-13 00:28:55 UTC #86

@diwanker, when the utility runs, the XML file is downloaded from NVD website. I looked at the nvdcve-2.0-2019.xml file and I don’t see CVE-2019-0708 in the file.
So the vulnerability is not in the download file.

Pete_F 2019-08-13 12:10:38 UTC #87

@leewei… Thanks for replying . It happens every time. I am running it on the main server at command line level using master admin creds and not using the schedule task.

I also run it on my console machine using the task and the master admin local credentials and it stops at the same point with the same error level… The only “Odd” thing about our set up is we use a different port from 52311 but I use that in the command line and also in the task parameter pages… I have tried with the FQDN and the ip address.
The import worked once in September of 2018 so I do see the dashboard and the data up to that point but since then , the importer has no succeeded.
Dashboard is V1.3. Importer is 1.6.0
I have deleted the tar and the xms to pull in new data , but no change…
Server is 9.5.13.130