Hi All,
How do we find (CVE-2023-36584) zero day vulnerability in servers by bigfix ?
Is BigFix will do VA scanning like Nessus or Qualys?
Regards
AK
BigFix filters can be used to search CVE ID; if a relevant patch is available, you will be able to see it:
Another option checking CVE ID using BigFix WebUI, see below:
You should consider looking into BigFix CyberFocus - HCLSoftware
BigFix can help you quickly respond to vulnerabilities by deploying patches and ensuring compliance with security policies.
2 Likes
Just to add to @vk.khurava responce, be aware that with this CVE being for a monthly cummulative, the Oct update is superseded by the Nov 2023 update which is in turn superseed by the Dec 2023 update and so on, and those will not nessesarilly reference the orginal CVE. Unless you are explicity enabling to evaulte supserseded fixlets (not necessarily wise as it adds a lot of old content into the client evaluation cycle), you may not gain the level visible you are after by looking at the number of applicable computers for a superseded fixlet.
1 Like
Hi khurava,
Thanks for the details.
One more thing, if fixlets not available in BigFix for the particular CVE where we can find it?
Is there any analyses need to activate in BigFix for VA scanning?
Regards
AK
Hi
How do we enable evaluate superseded fixlets?
Regards
AK