I'm referring to the section 2.5.1 in the link here, 

It says, "Each XCCDF Rule can have xccdf:ident elements inside. These elements 
allow the content creator to reference various external identifiers like CVE, 
CCE, CPE and others."

But I don't see CVE under any of the rules.

Bharath M

-----Original Message-----
From: Steve Grubb <sgr...@redhat.com> 
Sent: Thursday, August 30, 2018 6:38 PM
To: open-scap-list@redhat.com
Cc: Mohanraj, Bharath <bharath_mohanraj...@bmc.com>
Subject: Re: [Open-scap] OSCAP - CVE information


On Thursday, August 30, 2018 8:05:30 AM EDT Mohanraj, Bharath wrote:
> I'm using the oscap scanner on linux boxes, for triggering "oscap 
> xccdf eval" command. In the output generated, one of the info I would 
> need to present is the CVE for each rule.

This may be a misunderstanding in terminology. Each rule has a CCE - not a CVE. 
You can write rules to detect packages with known CVEs, but that is not your 
typical XCCDF.

> However, I don't see the CVE info for
> the rules in the xccdf xmls (no <ident> tag for CVEs under the rules).
> Can you please help me understand how I can capture the CVE associated 
> with each rule?

I think you mean CCE. What content are you running?


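One way to check which identifiers a piece of XCCDF content actually carries, as an added example that is not part of the original thread or of OpenSCAP: it lists the xccdf:ident elements under every Rule and sorts them into CCE, CVE and other. The sample benchmark, its rule ids, identifier values and system URIs are constructed placeholders, and `rule_idents` is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample: a minimal XCCDF 1.2 benchmark, not taken from real content.
# Identifier values and system URIs below are placeholders (assumptions).
SAMPLE_XCCDF = """<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2" id="xccdf_example_benchmark_demo">
  <Group id="xccdf_example_group_accounts">
    <Rule id="xccdf_example_rule_password_min_len" severity="medium">
      <title>Set minimum password length</title>
      <ident system="https://nvd.nist.gov/cce/index.cfm">CCE-00000-0</ident>
    </Rule>
  </Group>
  <Rule id="xccdf_example_rule_package_patched" severity="high">
    <title>Package is patched</title>
    <ident system="http://cve.mitre.org">CVE-0000-00000</ident>
  </Rule>
  <Rule id="xccdf_example_rule_no_ident" severity="low">
    <title>Rule without identifiers</title>
  </Rule>
</Benchmark>"""

def local(tag):
    """Strip the namespace so XCCDF 1.1 and 1.2 documents are handled alike."""
    return tag.rsplit("}", 1)[-1]

def rule_idents(xccdf_text):
    """Map each Rule id to {"CCE": [...], "CVE": [...], "other": [...]}."""
    result = {}
    for elem in ET.fromstring(xccdf_text).iter():  # iter() also reaches Rules nested in Groups
        if local(elem.tag) != "Rule":
            continue
        kinds = defaultdict(list)
        for child in elem:
            if local(child.tag) != "ident" or not (child.text or "").strip():
                continue
            value = child.text.strip()
            prefix = value.split("-", 1)[0].upper()
            kind = prefix if prefix in ("CCE", "CVE") else "other"
            # Keep the system attribute next to the value for reporting.
            kinds[kind].append((value, child.get("system", "")))
        result[elem.get("id")] = dict(kinds)
    return result

if __name__ == "__main__":
    for rule_id, kinds in rule_idents(SAMPLE_XCCDF).items():
        shown = ", ".join(f"{k}={[v for v, _ in vals]}" for k, vals in kinds.items())
        print(f"{rule_id}: {shown or 'no ident elements'}")
```

Running the same function over the XCCDF or data stream file passed to "oscap xccdf eval" shows per rule whether the content author supplied a CCE, a CVE, or nothing.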