Patch My PC Feature and Application Request
A community where customers and the community can provide feedback to make a better product for everyone! For more details on how we prioritize request, please see:
A community where customers and the community can provide feedback to make a better product for everyone! For more details on how we prioritize request, please see:
We are using ADR to automate a flow from test to production. Patches/applications have to be approved before we are pushing them into production because of our complex infrastructure and a desire not to interfere with patches every day.
But sometimes there are security patches that are Zero Day or very critical and needs to fix possible breaches as soon as possible. When I look at your meta data I can see CVE scores but not CVSS. I would love if the CVE score was converted to a CVSS score that we could use in an ADR.
It would mean we could have a "normal" flow and "bypass" flow when ever there a security patch that reaches above a certain CVSS score.
I have asked about CVVS scores a few times. The reason asking are that the CVSS in many cases is a better indication regarding a patch criticality than the CVE scores.
What would be the official authoring to obtaining a CVSS for a product? Do you know if there are any automated API's to get this data?
it would be perfect, if you could add the CVSS score at Patch My PC Catalog Update mails, and at the WSUS patch.
In this way we could create ADR based on CVSS scores.
There's no native element in the WSUS update schema we could as a CVSS score. Depending on how the CVSS is obtained we may be able to include it in the Teams/Emails.
I only know those sites:
https://www.cvedetails.com/
Not sure if they have an API.
https://nvd.nist.gov/
They have some data feeds
https://nvd.nist.gov/vuln/data-feeds
Found this yesterday, haven’t tried it.
https://www.secopshub.com/t/introducing-pscvss-a-powershell-powershell-core-module-to-calculate-a-cvss-score/743