On Thursday, August 30, 2018 9:12:04 AM EDT Mohanraj, Bharath wrote:
> I'm referring to the section 2.5.1 in the link here,
> https://static.open-scap.org/openscap-1.2/oscap_user_manual.html
> It says, " Each XCCDF Rule can have xccdf:ident elements inside. These
> elements allow the content creator to reference various external
> identifiers like CVE, CCE, CPE and others."
> But I don't see CVE under any of the rules.

Which rules are you testing with? There is only one set of rules I know of 
that has CVE's. All others have CCE's.


> -----Original Message-----
> From: Steve Grubb <sgr...@redhat.com>
> Sent: Thursday, August 30, 2018 6:38 PM
> To: open-scap-list@redhat.com
> Cc: Mohanraj, Bharath <bharath_mohanraj...@bmc.com>
> Subject: Re: [Open-scap] OSCAP - CVE information
> Hello,
> On Thursday, August 30, 2018 8:05:30 AM EDT Mohanraj, Bharath wrote:
> > I'm using the oscap scanner on linux boxes, for triggering "oscap
> > xccdf eval" command. In the output generated, one of the info I would
> > need to present is the CVE for each rule.
> This may be a misunderstanding in terminology. Each rule has a CCE - not a
> CVE. You can write rules to detect packages with known CVE's, but that is
> not your typical XCCDF.
> > However, I don't see the CVE info for
> > the rules  in the xccdf xmls (no <ident> tag for CVEs under the rules).
> > 
> > Can you please help me understand how I can capture the CVE associated
> > with each rule?
> I think you mean CCE. What content are you running?
> -Steve

Open-scap-list mailing list

Reply via email to