Hello,
Does SVM have the capability to provide a report of the CVE References that are associated with each SAID assigned to a product?
Thanks!
- David Le
‎Jan 13, 2020 04:32 PM
Hi David,
The reports generated by SVM are not detailed to the point of listing all CVE's associated with a SAID. But if you click on the SAID from within SVM the info in the SAID will show associated CVE's.
However, if you'd like a more automated way obtain CVE info for a SAID, you may want to look into Software Vulnerability Research. As its API's allow you to retrieve CVE's associated with SAIDs.
Thank you David.
‎Jan 14, 2020 03:27 PM
Here's a link to our helpnet with info on the API suggested:
‎Jan 14, 2020 03:29 PM
Hi @ayung_2831 ,
I have discovered that we currently have access to Flexera's Software Vulnerabiliy Research (SVR) API.
When I execute a "GET" command on the Advisory API, I do not see any results pertaining CVE information.
See screenshot for example.
Thanks!
- David
‎Jan 15, 2020 12:59 PM
Hi David,
Add the advisory ID as a part of the get. So something like:
https://api.app.flexerasoftware.com/api/advisories/220364
That will return more details of that Advisory.
I hope that helps.
Thank you David.
‎Jan 15, 2020 02:30 PM