How to Discover CVEs in Faddom
Written by Alex Patnick
Updated this week

Faddom can warn you of any CVEs that affect your systems. This provides you with a view of all the detected vulnerabilities, which servers they affect and which software and versions they are relevant for. Limited internet access is required for this feature.

What Is A CVE?

CVE stands for Common Vulnerabilities and Exposures. When a security vulnerability is discovered, researchers or vendors can request a CVE ID from the CVE Numbering Authorities (CNAs) to help facilitate communication and awareness of the issue. These identifiers are used to provide a standardized way of referencing and discussing vulnerabilities across different platforms, tools, and information sources. This helps in understanding, tracking, and managing vulnerabilities in software and hardware systems.

Prerequisites

  1. Faddom requires access to https://api.support.faddom.com to read the updated CVE database. Faddom only receives the details of the software and versions that are in your environment and which operating system they are installed on. No server or customer information is transmitted. If an HTTP proxy is set up in the Global Parameters, Faddom will access the API through that proxy.

How to Discover CVEs

  1. On the main dashboard of Faddom, you can see the number of vulnerabilities detected.

  2. Clicking on this number takes you to the CVE screen within the Security Dashboard. Alternatively, you can select Secure > CVEs.


  3. From this dashboard you can apply a filter to search for CVEs by Score (the default order displayed is Critical, High, Medium, Low), server, or application map, along with a date.

  4. You can click on the arrow next to the CVE name to get more information on the CVE, which includes a link to the CVE, the maps with affected servers, as well as a score as to how critical the CVE is.

  5. If, for some reason, you wish to ignore a specific CVE, you can select one or more, then click Ignore Selected CVEs.

  6. If you wish to restore CVEs that you have previously ignored, you can reverse this by clicking on X Ignored CVEs, selecting the ignored CVEs and clicking Don't Ignore CVEs.


How to Set Up Custom CVEs

Faddom allows you to browse open Windows CPEs to enhance your security posture further. This lets you fine-tune your Windows vulnerabilities by matching software to a CPE.

A CPE (Common Platform Enumeration) is a standardized method of describing and identifying classes of applications, operating systems, and hardware devices present among an enterprise's computing assets. CPEs are used in conjunction with CVEs to specify which platforms are affected by a particular vulnerability.
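
To make the CPE/CVE relationship concrete, the following added example (not Faddom's code, and not a description of how Faddom performs its matching) parses CPE 2.3 formatted strings and checks one installed package against a CVE applicability entry with an optional version range. The vendor, product and version values are constructed, and the function names and the dotted-numeric version comparison are assumptions of this example.

```python
import re

# Attribute order of a CPE 2.3 formatted string (NISTIR 7695).
FIELDS = ("part", "vendor", "product", "version", "update", "edition",
          "language", "sw_edition", "target_sw", "target_hw", "other")

def parse_cpe(cpe):
    """Split a CPE 2.3 formatted string into its 11 named attributes."""
    prefix = "cpe:2.3:"
    if not cpe.startswith(prefix):
        raise ValueError(f"not a CPE 2.3 formatted string: {cpe!r}")
    # A field is a run of escaped characters (\x) or characters other than ':'.
    values = re.findall(r"(?:\\.|[^:\\])+", cpe[len(prefix):])
    if len(values) != len(FIELDS):
        raise ValueError(f"expected 11 attributes, got {len(values)}")
    return dict(zip(FIELDS, values))

def version_key(version):
    """Assumption: versions are dotted numbers (e.g. 2.4.10), compared numerically."""
    return tuple(int(part) for part in version.split("."))

def is_affected(installed_cpe, criteria_cpe, start_incl=None, end_excl=None):
    """True if the installed software falls under one CVE applicability entry.

    criteria_cpe may use '*' (ANY) in any attribute; start_incl/end_excl are an
    optional version range, which CVE data often attaches to a wildcard version.
    """
    inst, crit = parse_cpe(installed_cpe), parse_cpe(criteria_cpe)
    for field in FIELDS:
        if crit[field] != "*" and crit[field].lower() != inst[field].lower():
            return False
    if start_incl and version_key(inst["version"]) < version_key(start_incl):
        return False
    if end_excl and version_key(inst["version"]) >= version_key(end_excl):
        return False
    return True

# Constructed sample data: vendor, product and versions are made up.
INSTALLED = "cpe:2.3:a:examplevendor:example_app:2.4.10:*:*:*:*:*:*:*"
CRITERIA = "cpe:2.3:a:examplevendor:example_app:*:*:*:*:*:*:*:*"

if __name__ == "__main__":
    print(is_affected(INSTALLED, CRITERIA, "2.0.0", "2.4.12"))  # inside the range
    print(is_affected(INSTALLED, CRITERIA, "2.0.0", "2.4.10"))  # already fixed
```

Software that has no CPE assigned cannot be evaluated this way at all, which is why unmatched inventory entries are worth resolving.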

To match these vulnerabilities to software, do the following:

  1. Go to Inventory > Software.

  2. You can find the unmatched CPEs by filtering and searching on the screen.

  3. In the popup you will get suggestions for the software.

  4. If you see the below screen, please ensure that the Faddom server is able to reach https://services.nvd.nist.gov/

  5. If Faddom has detected a potential match, select the match and then click on Apply.

  6. If none of the suggestions match, or there aren't any, you can click No CPE Match.

  7. You can look at the next unmatched software in the popup by clicking on Show Next.
