Manually uploading is no longer loading VIT's with CVE references PDI and client instance.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi All,
We just moved SecOps to pre-prod and during the smoke testing, when manually uploading VIT's with a CVE reference number the rows are getting ignored. We tried CSV and excel uploads and manually specified Vulnerability ID are getting uploaded.
I checked on the PDI and it too has the same problem. Looking at the versions it looks like a potential culprit is Security Support Common App id: sn_sec_cmn has gone from 30.2.3 to 30.3.3 between test and pre-prod environments. We also noted that the CVE library in the List section of the SEM workspace has been renamed to 'Vulnerabilities' from 'CVEs (NVD)'
Does anyone know of a fix or work around? We are awaiting a response from Support.
Thanks in advance
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Update:
We were able to utilise another instance (training) and it turns out the Vulnerability Response plugin version 30.2.5 was the last working version we have found. Ver 30.3.3 and above the manual upload with a CVE vulnerability id doesn't load.
Speaking with Support it looks like the ManualIngestionProcessor script include is where the issue is occurring but we are still confirming that with support.
