Important

   

Starting version 8.9.03, BMC Network Automation is renamed to TrueSight Network Automation. This space contains information about BMC Network Automation 8.9.02 and previous versions. For TrueSight Network Automation 8.9.03 and later releases, see the TrueSight Network Automation documentation.

Viewing the security vulnerabilities listing and details

This topic describes how to view and filter the list of security vulnerabilities and how to view their details.

To view the list of security vulnerabilities

  1. Navigate to Admin > Network Admin > Security Vulnerabilities.
    The Security Vulnerabilities page is displayed.

  2. Perform one of the following tasks by using menu options:

    Menu optionDescription
    ImportImport one or more security advisories or bulletins obtained from a vendor into BMC Network Automation. For details, see Importing security vulnerabilities.
    FilterFilter the list based on a specific criterion. You can filter the list by vendor, ID, title, and/or rule name by using the text area or menu in the corresponding column header. For details, see Filtering the listing of security vulnerabilities.
    DeleteDelete one or more selected vulnerabilities. Each row of the table has a check box on its left to select the vulnerability for deletion. The check box in the header row selects all rows on the current page. When you try to delete a vulnerability, you are provided with the option to delete the associated rule(s) as well, if you have the required permission and if none of the rules are in use or being referenced by other components in BMC Network Automation.
    Print ViewPrint the list of security vulnerabilities.
    RefreshRefresh the list.
    HelpDisplay help about security vulnerabilities.
  3. Perform one of the following actions on a security vulnerability by clicking an icon in the Actions column:

    IconActionDescription
    ViewDisplay all information about the security vulnerability. For details, see Viewing a security vulnerability.
    DeleteDelete the security vulnerability and, optionally, its associated rule(s).
    Generate RuleGenerate a compliance rule from the security vulnerability.
    When you click this icon, the Add Rule page appears with default selections for the security vulnerability. You must review all the settings for correctness, make all the necessary changes, and fill in the required information. For more information, see Generating compliance rules.
    Manage RulesAssociate and dissociate compliance rules with the security vulnerability. For details, see Managing compliance rules.
    ExpandDisplay additional, important characteristics of the vulnerability inline, including the vendor link. The vendor link contains complete information about the security vulnerability provided by the originator.

To filter the list of security vulnerabilities

Click the Filter menu option above the security vulnerabilities list to display the filtering options, as shown in the following figure:

You can use asterisk (*) as the wildcard character in all text-based fields to specify the filter criterion.

Note

Use the Any Text Content filter to search for a string in any text field. Use this filter when you are not sure how a security vulnerability is organized or where BMC Network Automation stores information about a security vulnerability.

To view the details of a security vulnerability

Click the View icon in the Actions column to see the details about a security vulnerability. Only those fields that the vendor supplies and that are understood by the security vulnerability importer are present in the details. Only the title always appears in the details.


FieldDescription
TitleA summary of the nature of the security vulnerability
CVE ID(s)The Common Vulnerabilities and Exposures (CVE) identifier(s) from the central CVE database
Base Score

The numerical severity of the issue, ranging from 0.0 to 10.0

When the vendor specifies more than one base score (for example, one base score per CVE ID), this field contains the highest score.

Version

The latest version of the issue, usually a dot-separated numerical version string (for example, 1.2.3)

This field determines if an existing security vulnerability is older than the one being imported. Only newer versions are imported successfully when versions are present.

Status

The current state of the security vulnerability

The values are vendor-specific.

Initial ReleaseThe date/time when the security vulnerability was first published by the vendor
CreatedThe date/time when the security vulnerability was added to BMC Network Automation
Last ImportedThe date/time when the security vulnerability was last updated in BMC Network Automation
Associated Rule(s)The names of any associated compliance rules
Vendor LinkThe link to the vendor's page containing complete details about the security vulnerability
DescriptionDetails about the nature of the security vulnerability, its impact, and so on
RemediationThe steps that can be taken to mitigate, correct, or avoid the security vulnerability
Affected ProductsThe particular products, models, or operating systems affected by the security vulnerability
Unenforceable Versions

The operating system(s) that lack any specific version information

A vendor might report a very broad version or a generalized description of an operating system (for example, "all 6509 models"), but such a description cannot be converted into an OS version pattern appropriate for use in a compliance rule, thus making the versions unenforceable. If you have a device described by an unenforceable version, you might manually develop a rule by using the detailed information provided by the vendor on the vendor's link.

Affected OS VersionsThe particular device operating system version(s) that are at risk

Related topic

Associating security vulnerabilities with compliance rules
 

Was this page helpful? Yes No Submitting... Thank you

Comments