Applicable to Entuity v22.0 GA upwards
To view the CPEs to/by which an existing CPE has been updated/deprecated (Navigate to Deprecated By)
Introduction:
From the CPE Search tab of the Vulnerability Monitoring page, you can search for CPEs amongst those listed in the CPE Dictionary.
From the search results, you can select and assign CPE Names to specified devices, and also filter your search down to the CPEs to/by which an existing CPE has been updated/deprecated.
This tab is applicable only to servers, not configuration sets.
This tab contains a table displaying the following information:
Column Name | Description |
---|---|
CPE Name | full CPE Name. |
Title | CPE's title/description (polled from NIST) |
Official ID | CPE's official ID, if one exists (polled from NIST). This column is hidden by default. |
Part |
This column is hidden by default. |
Vendor | product vendor/manufacturer. |
Product | product title or name. |
Version | vendor-specific alphanumeric string of the product release version. |
Update | vendor-specific alphanumeric string of the product update, service pack, or point release. |
Edition | (deprecated field - only required for backwards compatibility with CPE v2.2) edition-related terms applied by the vendor to the product. |
Language | language supported in the product UI. Must be valid language tags as defined by RFC 5646. This column is hidden by default. |
SW Edition | product market or end user class. This column is hidden by default. |
Target SW | software computing environment on which the product operates. This column is hidden by default. |
Target HW | instruction set architecture (e.g. x86) on which product operates.. This column is hidden by default |
Other | other vendor- or product-specific descriptive or identifying information that does not logically fit any other attribute above. This column is hidden by default. |
Deprecated Status | If the CPE is deprecated, either true or false. |
Deprecated By | . This column is hidden by default |
To search for a CPE:
- Navigate to the CPE Search tab of the Vulnerability Monitoring page, and click Search at the top of the tab (or via Overflow Menu).
- The CPE Name Search form will open on the right of the window.
Search
-
Search - enter the CPE Names and/or keywords. Entuity will match these search terms against the CPE Names and CPE Titles stored in the local CPE Dictionary.
- search terms must be separated by commas, not by whitespace. Terms with whitespace will be considered a single search term value.
- enclosing search criteria in speech marks (" ") will disable separation, e.g.: hello, world will split into hello and world, but "hello, world" will not.
- 'hello, world' will split in 'hello' and world' but '"hello, world"' will not.
- Search Term Relationship - specify the logical relationship between the comma-separated search terms, either AND or OR.
- Include Deprecated - specify if search results will include deprecated CPE Names.
Match Using
- Regular Expression - specify whether to enable use of regular expression in the Search field, which would allow for more advanced searching.
- Whole Attribute - specify whether to find only whole matches from your Search field input.
Advanced Settings
The Advanced Settings fields allow you to refine your search through specific values for CPE attribute fields.
- You can enter multiple values per attribute, separated by commas, which will be logically ORed.
- Each attribute will be logically ANDed.
The CPE attributes are as follows:
Attribute | Description |
---|---|
part |
|
vendor | product vendor/manufacturer. |
product | product title or name. |
version | vendor-specific alphanumeric string of the product release version. |
update | vendor-specific alphanumeric string of the product update, service pack, or point release. |
edition | (deprecated field - only required for backwards compatibility with CPE v2.2) edition-related terms applied by the vendor to the product. |
language | language supported in the product UI. Must be valid language tags as defined by RFC 5646. |
sw_edition | product market or end user class. |
target_sw | software computing environment on which the product operates. |
target_hw | instruction set architecture (e.g. x86) on which product operates. |
other | other vendor- or product-specific descriptive or identifying information that does not logically fit any other attribute above. |
Click Done to save your Advanced Settings, and then Done again on the CPE Name Search form to execute your search, otherwise click Cancel. The table will then be populated by the search results.
To assign a CPE to a device:
- From the list of search results on the CPE Search tab under the Vulnerability Monitoring page, select the CPE that you wish to assign and click Assign to Device at the top of the tab (or via the Overflow Menu or right-click Context Menu).
- The Devices form will open on the right of the window. Search/filter for and select the devices to which you wish to assign the CPE, and click Done.
To view the CPEs to/by which an existing CPE has been updated/deprecated (Navigate to Deprecated By):
In your search results, if your CPE Name has a Deprecated Status, you can use Navigate to Deprecated By to then filter the search results down to this CPE and the CPE to which it has been updated/the CPE by which it has been deprecated.
- Select your CPE and click Navigate to Deprecated By at the top of the tab (or via the Overflow Menu or right-click Context Menu).
- The filtered CPEs will then appear in the table.
Comments
0 comments
Please sign in to leave a comment.