CVE Compliance Reports

Generate CVE Compliance reports to find incidents related to specific CVE IDs and the hosts that should have these incidents installed.

To Filter a CVE Compliance Report

Filter a CVE compliance report in the CVE Compliance Report Editor window. This report requires that you filter select an option from each filter.

1. In the Reports window, select CVE Compliance and then click the New button.

   The CVE Compliance Report Editor opens.

   

2. Select hosts for the report.

   See To Filter an Incident Compliance Report.

3. Select one of the following status options:

   • Compliant. Show hosts that are compliant with known security incidents.

   • Not Compliant. Show hosts that need management to be compliant.

4. Select the CVE IDs that you want Sun Update Connection – Enterprise to match to incidents.

   See To Filter a Report by Specific Package, CVE ID, or Incident.

Viewing CVE Compliance Reports

After you select the criteria in the CVE Compliance Report Editor, you can generate the report, or name it and save it as a template. If you save it as a template, you can select the template and then click Report in the Reports window. Whether you generate the report from the editor window or from a template, the same Report window opens.

The Report shows the CVE IDs you selected and the number of incident-packages with the compliance status that you selected (compliant or not compliant). If you selected compliant for status, the report shows how many packages have been installed on each of the selected hosts to be compliant with an incident. If you selected not compliant, the report shows how many packages should be installed on each host for incidents of this CVE ID.

To see which incidents are counted in the row, select a host name in the report and then click Details. The report displays the incident names and the packages of each incident.

To see informational details of an incident, select a line in the new report list and click Incident Information. The Incident Information window opens.

To Create a CVE Compliance Job

From the CVE Compliance report, you can create a job that will install, on the selected hosts, the packages needed to resolve the CVE ID and the incidents related to it.

1. In the CVE Compliance Report Editor, select Not Compliant for the Status.

2. Select the remaining criteria for the report and then generate the report.

3. Select listed CVE IDs and then click Details.

   The report shows the packages to install.

4. Select packages and then click Send Job.

   The job installs the recommended version of each package.