Hello,
Is it possible to generate a report for all systems affected by a specific vulnerability?
Best regards
If the vulnerability is represented by a single CVE, then you can accomplish this by going to the report for a task that includes all the hosts, then using a filter like this:
cve~"CVE-2023-12345"
Or whatever your cve id actually is. This will ensure that all findings no matter which vulnerability test detected the CVE will be included. Otherwise, you would need to use the nvt id as the filter, and be consider that a particular “vulnerability” may be detected by different nvt (say on different OS, Windows vs Linux).
Otherwise, you could use python-gvm along with filters on the get_results function to fetch all the results, but there is no built in reporting format for this method.
2 Likes
This topic was automatically closed after 90 days. New replies are no longer allowed.