CVE information on BFI

Usage and Config BFI
1

So I started checking out the CVE information feature of BFI 9.2.12. For some reason, the upgrade did not pull all the cve related files and I had to download the files and populate the cve_data folder.

Now I am able to see the Vulnerability Risk preview on the Software components page. It lists the CVE’s associated with the software components from the catalog.

However I am looking at this information to come up on the Software installations page since it would accurately show which of the software instances on the environment are having CVE’s associated.

Is there a way to achieve that out of the box?

2

Hi,

Out of the box Vilnerability Risk on Software Classification panel is available in 9.2.13 that will be soon released.

At the moment you can check how this feature works on our beta server. Below is a link to The Beta Program. Crucial part of the doc above is “How to participate in the beta?”

https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Wa8d99d587a5c_466d_866e_814dee2e0268/page/Cloud

2 Likes