Looking for a simple vulnerability report that would associate the CVE ID with the vulnerable host (IP, DNS, Netbios). Need to be able to put this report into CSV. Any suggestions?
To search existing scan results for the existence of vulnerabilities associated with a specific CVE:
For an example, please reference Creating a Spectre/Meltdown Search Lists, Scan Option Profile, Remediation Tracking and Patch Reports
You can also leverage the Risk Analysis segment of the Reporting module, as follows:
I am interested to learn if you found this information of use. Please share your thoughts. Thanks and good luck!
Push - any news? Would like to have a report sorted by CVE-IDs.
If you're looking for a simple report that only has vulnerability data (without the extra stuff like threat, impact etc.), you could customize this from Report Templates.
Reports > Templates > New Scan Template
Under Findings - select your target assets.
Under Display, under Include the following detailed results in the report - only select Vulnerability Details. Save your template.
Select template, use quick-actions > Run.
At run-time, choose format as CSV.
You'll now have a CSV report that has the CVE ID's of the vulnerabilities. Now filter based on the CVE column.
is there a way to create a report which shows the cve's per target? Or even more interesting: CVE as the main ID, and then listed affected systems in the column.
This is a customer requirement (Same customer as Holger is working with) as they like to create their processes base on the CVE ID.
Within AssetView, you can query vulnerabilities.vulnerability.cveIds:
Retrieving data ...