AnsweredAssumed Answered

Patch Avail Report - want to include configuration fixes

Question asked by MtP on Oct 4, 2013
Latest reply on Oct 7, 2013 by MtP

I've typically used a dynamic search list for "patch available" when creating reports.

The problem with this approach is the report doesn't include things that are configuration issues

 

QID 70003 Null Session / Passwod netbios access

qid 27210 unauthenticated access to ftp server allowed

qid 38304 ssh protocol version 1 supported

qid 100012 Insecure MIcrosoft Internet Explorer Intranet Zone User Setting Detected.

Etc.

 

Using 'no patch available' in an exclusion search list has similar results.  that's kind of expected.

 

Is there any way to JUST exclude the zero days, and the items the vender hasn't patched yet?  

Outcomes