This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Vulnerability data from cvedetails?

ether_net
Engaged Sweeper

‎03-18-2022 01:08 PM

Hi,

Given there's a public resource of vulnerable software at https://www.cvedetails.com/ - is there any way to pull that data into Lansweeper, given it obviously has the software/version data?

I read https://www.lansweeper.com/resources/vulnerability-updates/ which states "Lansweeper holds more than 400 built-in network reports in the report library, but ad-hoc vulnerabilities mostly require a custom vulnerability report " - which to me seems a bit wrong - cvedetails has TONS of info about published vulnerabilities - why not pull from there??
Labels:
4 REPLIES 4
IainCaldwell
Lansweeper Employee
Lansweeper Employee

‎07-07-2022 12:27 PM

Hi
Not sure if you've noticed by our asset to NIST vulnerabilities mapping has gone into preview and is now available via the cloud platform.
0 Kudos
IainCaldwell
Lansweeper Employee
Lansweeper Employee

‎03-28-2022 12:17 PM

I can't really give specific advice as I don't know the circumstances but in my previous jobs it was always my opinion that I should avoid using my limited time and resources on something if it was on a partners roadmap. Better to focus my time and effort on the other priorities.
Waiting can be a pain, but building yourself is always more effort than expected and the maintenance etc is always unexpectedly more hassle than planned.

That said it really depends how urgent you need it.

Maybe worth reaching out to your Lansweeper account contact to get an update (there may be a chance we will be looking for customers to work with)
0 Kudos
ether_net
Engaged Sweeper

‎03-22-2022 12:54 PM

Thanks for the reply, Iain. It'd be a massively useful addition.

Presubmly I could just add some tables to the database myself, and do a join?

It's the faff of adding automation myself to pull data down into the LS database that I don't want to have to maintain.
0 Kudos
IainCaldwell
Lansweeper Employee
Lansweeper Employee

‎03-22-2022 12:08 PM

Hi, we are looking at building a level of vulnerabilities into the product using nist as the data source (which I believe is where the referenced site above gets its data from). We haven't got a planned release but are actively working something in the lab - hopefully we will announce more soon.
Thanks for the feedback.

Cheers Iain
0 Kudos

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now