Home
CVE Search dashboard
BigFix CVE Search dashboard and Web Report are available as part of the CyberFOCUS site.
Overview
BigFix CVE Search dashboard and Web Report provide operators with ability to analyze vulnerabilities in their environment based on their CVE ID. For each CVE, operator can report on:

CVE Search dashboard
BigFix CVE Search dashboard and Web Report are available as part of the CyberFOCUS site.
- Overview
  BigFix CVE Search dashboard and Web Report provide operators with ability to analyze vulnerabilities in their environment based on their CVE ID. For each CVE, operator can report on:
- Enable CyberFOCUS Site
  In the site list, find the site named CyberFOCUS. Click on the site and gather it.
- CISA KEV (BOD 22-01) CVE list
  CVE Search dashboard and web report also provide latest information on Known Exploitable Vulnerability (KEV) List provided by the Cybersecurity & Infrastructure Security Agency (CISA) Binding Operational Directive 22-01 (BOD 22-01).
- Relevant Fixlet Checkbox
  CVE Search dashboard and web report provide ability to include/exclude non-relevant Fixlets from view and calculations. To do this, uncheck/check the “Show Relevant Only” checkbox respectively.
- Superseded Fixlet Checkbox
  BigFix provides a unique view into patches that have been superseded by their vendor. By default, Fixlets for these patches get a relevance statement added to them to ensure that they will not evaluate as relevant on any system. However, a subset of these Fixlets can be evaluated using a “superseded evaluation” setting. Currently, this feature is supported for windows operating system patches.
- Migrating from Vulnerability Reporting site
  CVE Search used to be published to the Vulnerability Reporting site that has since been deprecated. As of March 31^st 2023, this site will no longer receive updates. To continue using CVE Search dashboard and Web Report, HCL recommends unsubscribing from the Vulnerability Reporting site and subscribing to the CyberFOCUS Site.

Overview

BigFix CVE Search dashboard and Web Report provide operators with ability to analyze vulnerabilities in their environment based on their CVE ID. For each CVE, operator can report on:

BigFix Fixlet coverage for CVEs in question
BigFix Server subscription to all the sites containing those Fixlets
Total Fixlet count per CVE
Total count of vulnerable instances found
Additional CVE metadata (if applicable)

Dashboard provides additional ability to create remediation baselines for a subset of selected CVEs or Fixlets.