Forum Discussion

Copper Contributor

Mar 15, 2022

Solved

CVE detection mechanism

Hello everyone, I have a question about the CVE's displayed in the risk assessment report. According to the documentation the list of CVE's is generated based on the detected devices. Does th...

Haaris_Faizan
Mar 15, 2022
VaninaYord
Device and OS means like if its Windows XP,Windowsn 10 ,Windows Server 2016 etc.
Sensor will not detect whether you patch or you don't because it doesn't scan. It just shows you CVEs with respect to each OS and device and then we have to exclude manually from the report.
If you apply a patch it will not detect those changes because it doesn't scan so only option is to exclude after patching

Haaris_Faizan

Brass Contributor

Mar 15, 2022

VaninaYord

CVEs are shown according to device and OS. In case you patch the vulnerability or its false positive it can be excluded via data mining.
1)Open CVEs report in data mining
2)Edit admin mode and
3)Select CVEs which needs to be excluded and exclude CVEs

You will find excluded CVEs in Exclude CVE report in data mining

VaninaYord
Copper Contributor
Mar 15, 2022
Haaris_Faizan ,

Thank you for your response!
Could you elaborate on "CVEs are shown according to device and OS."? Will this mean that if I patch a vulnerability and run a scan again the software will detect the change and not show the CVE?

Greetings,
Vanina
- Haaris_Faizan
  Brass Contributor
  Mar 15, 2022
  VaninaYord
  Device and OS means like if its Windows XP,Windowsn 10 ,Windows Server 2016 etc.
  Sensor will not detect whether you patch or you don't because it doesn't scan. It just shows you CVEs with respect to each OS and device and then we have to exclude manually from the report.
  If you apply a patch it will not detect those changes because it doesn't scan so only option is to exclude after patching