Home
CVE Search dashboard
BigFix CVE Search dashboard and Web Report are available as part of the CyberFOCUS site.
CISA KEV (BOD 22-01) CVE list
CVE Search dashboard and web report also provide latest information on Known Exploitable Vulnerability (KEV) List provided by the Cybersecurity & Infrastructure Security Agency (CISA) Binding Operational Directive 22-01 (BOD 22-01).

CVE Search dashboard
BigFix CVE Search dashboard and Web Report are available as part of the CyberFOCUS site.
- Overview
  BigFix CVE Search dashboard and Web Report provide operators with ability to analyze vulnerabilities in their environment based on their CVE ID. For each CVE, operator can report on:
- Enable CyberFOCUS Site
  In the site list, find the site named CyberFOCUS. Click on the site and gather it.
- CISA KEV (BOD 22-01) CVE list
  CVE Search dashboard and web report also provide latest information on Known Exploitable Vulnerability (KEV) List provided by the Cybersecurity & Infrastructure Security Agency (CISA) Binding Operational Directive 22-01 (BOD 22-01).
- Relevant Fixlet Checkbox
  CVE Search dashboard and web report provide ability to include/exclude non-relevant Fixlets from view and calculations. To do this, uncheck/check the “Show Relevant Only” checkbox respectively.
- Superseded Fixlet Checkbox
  BigFix provides a unique view into patches that have been superseded by their vendor. By default, Fixlets for these patches get a relevance statement added to them to ensure that they will not evaluate as relevant on any system. However, a subset of these Fixlets can be evaluated using a “superseded evaluation” setting. Currently, this feature is supported for windows operating system patches.
- Migrating from Vulnerability Reporting site
  CVE Search used to be published to the Vulnerability Reporting site that has since been deprecated. As of March 31^st 2023, this site will no longer receive updates. To continue using CVE Search dashboard and Web Report, HCL recommends unsubscribing from the Vulnerability Reporting site and subscribing to the CyberFOCUS Site.

CISA KEV (BOD 22-01) CVE list

CVE Search dashboard and web report also provide latest information on Known Exploitable Vulnerability (KEV) List provided by the Cybersecurity & Infrastructure Security Agency (CISA) Binding Operational Directive 22-01 (BOD 22-01).

You can choose this list from the vulnerability list dropdown as shown in the following image:
CVE Search

This list also contains metadata for CVEs as provided by the CISA and the National Vulnerability Database (NVD).

For more information on BOD 22-01, refer to the CISA website at https://www.cisa.gov/binding-operational-directive-22-01.