CVE Dashboard available

eyalr 2019-08-08 06:10:19 UTC #83

HI
I run import today and got this error:

I saw also in BESRelay.log file this error:
/api/dashboardvariables/CVEs.ojo (9608) - XML parsing error: invalid byte ‘?’ at position 2 of a 2-byte sequence Line 1, Character 245761

Any suggestions ?

Thanks

leewei 2019-08-13 00:23:02 UTC #84

@eyalr I tried the import for year 2019 and it imported OK.
Where you get the error is indeed when the util is trying to POST to your server using the /api/dashboardvariables/CVEs.ojo resource.

I tried with version 9.5.5.193 of the BigFix Server on Windows and in English.

Is this something that had worked before, or is this the first try?

leewei 2019-08-13 00:24:28 UTC #85

@Pete_F does this error happen everytime here? Where the code is running, it is all the NVD website, and no BigFix yet.

leewei 2019-08-13 00:28:55 UTC #86

@diwanker, when the utility runs, the XML file is downloaded from NVD website. I looked at the nvdcve-2.0-2019.xml file and I don’t see CVE-2019-0708 in the file.
So the vulnerability is not in the download file.

Pete_F 2019-08-13 12:10:38 UTC #87

@leewei… Thanks for replying . It happens every time. I am running it on the main server at command line level using master admin creds and not using the schedule task.

I also run it on my console machine using the task and the master admin local credentials and it stops at the same point with the same error level… The only “Odd” thing about our set up is we use a different port from 52311 but I use that in the command line and also in the task parameter pages… I have tried with the FQDN and the ip address.
The import worked once in September of 2018 so I do see the dashboard and the data up to that point but since then , the importer has no succeeded.
Dashboard is V1.3. Importer is 1.6.0
I have deleted the tar and the xms to pull in new data , but no change…
Server is 9.5.13.130

Pete_F 2019-08-29 12:44:27 UTC #88

@leewei… Sorry to trouble you, but its still failing… Is there a way to clear out the database totally and re-import?.. im assuming its stored in SQL but I cant see the table names that would identify it.?

GwyndafDavies 2019-09-05 12:31:38 UTC #89

I’ve recently been getting the same error on 9.5.13. Once it gets to the end of the first batch of CVEs it fails with Server error 500: I’ve not looked into it any deeper.

ttheierl 2019-09-06 16:30:09 UTC #90

@leewei @jgo @michael_stone

As others, I have been receiving this same error for many months during imports. It always seems to fail on the same CVEID. One thing I noticed is the uncompressed nvdcve-2.0-2019.xml file is many times the size of previous years.

IIRC, during the Orlando Master Class the lab environment had a newer or refreshed CVE dashboard in the console. Is there a newer version of this add-on that can be made available?

lombsalv 2019-09-16 07:40:21 UTC #91

Hi Lee Wei,

Great Dashboard. It works perfectly.
But is there a possibility to add a box to filter the results based on Computer Groups in the Show CVEs tab like in the Show Computers tab ?

Best Regards.

Salvatore