Hello dear community members,
please direct me to a template for posting questions, if I have missed it.
I am currently getting started with a VM installation of GSA (Community Edition).
First testing is done; scans running and I have reports with successful VTs, NVTs.
What I miss is the (easy) link of a new CVE or CERT Advisory to impacted systems.
Use case is verification, if we are impacted by a new CVE/CERT Advisory.
Using the web interface - I have not found an option to filter Results/Vulnerabilities/Hosts after a CVE or a CERT Adivsory. As I believe the relation between those ~classes should be fairly trivial on a database level, I wonder, why this does not exist in the community edition. Below the list of the problem.
As I believe this is a fairly standard feature, I am very suprised to not find this in the community edition - if I have missed it; a refer to the solution would be greatly appriciated.
Best, Markus
1.) Problem: it is not clear, how to find hosts impacted by a specific CVE / CERT-Advisory.
2.) What I have done:
searched for keywords as ‘cve host’ and others inside the community forum
searched inside GSA (Community Edition) regarding links from CVEs / CERT-Advisories to impacted hosts.
3.) Optimal solution would be:
- I have a CERT (e.g. Warn- und Informationsdienst)
- inside GSA → example.com/certbund/WID-SEC-2024-1347 I have a tab with the impacted host of my GSA installation
2.1 would be acceptable to have a list of linked hosts for a CVE too.
4.) This brings the enablement of quick checking, if my environment is impacted by a CVE / CERT Advisory.
5.) P.S.: wondering, if this feature is implemented in the enterprise edition, and a feature request / pull request would be needed to implement it for the community edition.