Question,
Is there a report, or how would I create a report, that would look at a Baseline with patches and then list out the CVE’s that would be addressed by executing that Baseline?
I can see with the CyberFocus CVE search were I can search for and select CVE(s) and it list out what patches I would need to add to a baseline but I sorta need the reverse.
Thanks in advance
Why take the longer route when BigFix WebUI already has what you need? Webui > App > patch, where all patches are listed in a column with their CVE IDs; simply filter for the patches you want, and the CVE will appear in the following column. You can also export the patches to Excel.
//WebUI View of May Patches:
//Example: Excel export with CVE IDs
I always forget about the WebUI. That is a good tip. We just go into the WebUI to setup Patch Policies.
It’s not so much a longer route but more about how we generate baselines. We are striving to make patching as automated as possible and take the humans out of the process. We are using automated patch policies. The automated patch policy builds the baseline and then executes it. Other internal groups will get a list of what patches were applied to their servers and they were interested to know if there was a column that we could add to that report that lists out the CVE(s) each patch addressed.
To look up the CVE(s) for the patches in our scenario, a human would need to look at the automated patch policy, log into WebUI, go to patches, and manually search for all the patches that were in the policy and then get that info to the interested parties.
This post below is just what you need:
Thank you Sir, I’ll pull that into Web Reports and go from there.
