cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
davidle
Active participant

CVE association with SAIDs

Hello,

Does SVM have the capability to provide a report of the CVE References that are associated with each SAID assigned to a product?

Thanks!

- David Le

4 Replies
Flexera ayung_2831
Flexera

Re: CVE association with SAIDs

Hi David,

The reports generated by SVM are not detailed to the point of listing all CVE's associated with a SAID. But if you click on the SAID from within SVM the info in the SAID will show associated CVE's.

However, if you'd like a more automated way obtain CVE info for a SAID, you may want to look into Software Vulnerability Research. As its API's allow you to retrieve CVE's associated with SAIDs.

 

Thank you David.

Flexera ayung_2831
Flexera

Re: CVE association with SAIDs

0 Kudos
davidle
Active participant

Re: CVE association with SAIDs

Hi @ayung_2831 ,

I have discovered that we currently have access to Flexera's Software Vulnerabiliy Research (SVR) API.

When I execute a "GET" command on the Advisory API, I do not see any results pertaining CVE information. 

See screenshot for example.

Thanks!

- David

davidle_0-1579114718368.png

0 Kudos
Flexera ayung_2831
Flexera

Re: CVE association with SAIDs

Hi David,

Add the advisory ID as a part of the get. So something like:

https://api.app.flexerasoftware.com/api/advisories/220364

That will return more details of that Advisory.

I hope that helps.


Thank you David.

 

 

0 Kudos