WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud
  • Tanzu
    • Application Modernization
    • Tanzu services
    • Tanzu Community Edition
    • Tanzu Kubernetes Grid
    • vSphere with Tanzu
  • Home Lab
  • Nested Virtualization
  • Apple

Automatically retrieve CVE CVSS score for all ESXi security bulletins 

07.20.2018 by William Lam // 10 Comments

I always enjoying learning new things, especially when it is outside of my immediate domain expertise and if I can thrown in some Automation to help solve a solution, it is a win for everyone. I bring this up because, yesterday I had noticed an interesting question from one of our field folks where their customer is looking to implement a process for applying ESXi security patches to help determine compliance timeline (e.g. when a specific security update will be applied to infrastructure).

To do this, the customer would like to use the Common Vulnerability Scoring System (CVSS) score which ranges from 0-10, 0 being low and 10 being high. The CVSS score is part of the Common Vulnerabilities and Exposures (CVE) which is also referenced for every ESXi security patch (bulletin) that is published by VMware. The question that came up was how easily it would be to determine the CVSS score for a given ESXi security patch. First, I will outline the "manual" process and once that is understood, I will demonstrate an automated solution which customers can take advantage of to easily retrieve this information for all ESXi security patches.

[Read more...]

Share this...
  • Twitter
  • Facebook
  • Linkedin
  • Reddit
  • Pinterest

Categories // Automation, ESXi, Security, vSphere 5.5, vSphere 6.0, vSphere 6.5, vSphere 6.7 Tags // CVE, CVSS, ESXi 5.1, esxi 5.5, esxi 6.0, esxi 6.5, esxi 6.7, NIST

Search

Author

William Lam is a Senior Staff Solution Architect working in the VMware Cloud team within the Cloud Infrastructure Business Group (CIBG) at VMware. He focuses on Cloud Native technologies, Automation, Integration and Operation for the VMware Cloud based Software Defined Datacenters (SDDC)

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Connect

  • Email
  • GitHub
  • LinkedIn
  • RSS
  • Twitter
  • Vimeo

Support

Recent

  • vSphere ESXi 7.x will be last version to officially support Apple macOS Virtualization 08/03/2022
  • First look at the new Supermicro E302-12D (Ice Lake D) 07/27/2022
  • Quick Tip - How to actually disable host encryption mode on ESXi? 07/25/2022
  • Exploring the Cloud-init Datasource for VMware GuestInfo using vSphere 07/20/2022
  • Quick Tip - ESXi 7.0 Update 3f now includes all Intel I219 devices from Community Networking Driver Fling 07/18/2022

Advertisment

William Lam

Copyright WilliamLam.com © 2022