Skip to Main Content
Patch My PC Feature and Application Request

A community where customers and the community can provide feedback to make a better product for everyone! For more details on how we prioritize request, please see:

3 VOTE
Status SUBMITTED
Created by Morten Junge
Created on Mar 9, 2020

CVSS score so we can use Automatic Deployment Rules on critical/zero day patches

We are using ADR to automate a flow from test to production. Patches/applications have to be approved before we are pushing them into production because of our complex infrastructure and a desire not to interfere with patches every day.

But sometimes there are security patches that are Zero Day or very critical and needs to fix possible breaches as soon as possible. When I look at your meta data I can see CVE scores but not CVSS. I would love if the CVE score was converted to a CVSS score that we could use in an ADR.

It would mean we could have a "normal" flow and "bypass" flow when ever there a security patch that reaches above a certain CVSS score.

  • Attach files
  • René Kierstein
    Reply
    |
    Mar 24, 2020

    I have asked about CVVS scores a few times. The reason asking are that the CVSS in many cases is a better indication regarding a patch criticality than the CVE scores.

    What would be the official authoring to obtaining a CVSS for a product? Do you know if there are any automated API's to get this data?

    it would be perfect, if you could add the CVSS score at Patch My PC Catalog Update mails, and at the WSUS patch.

    In this way we could create ADR based on CVSS scores.

    There's no native element in the WSUS update schema we could as a CVSS score. Depending on how the CVSS is obtained we may be able to include it in the Teams/Emails.

    I only know those sites:

    https://www.cvedetails.com/

    Not sure if they have an API.

    https://nvd.nist.gov/

    They have some data feeds

    https://nvd.nist.gov/vuln/data-feeds

    Found this yesterday, haven’t tried it.

    https://www.secopshub.com/t/introducing-pscvss-a-powershell-powershell-core-module-to-calculate-a-cvss-score/743

  • +1