Below is an example about building compliance policies from the CVEs.
We will be using CVE-2018-0282 for this case.
Creating Policy
(1) Compliance -> (2) Policies -> (3) New -> (4) Name: CVE-2018-0282 -> (4) Save

Applying to all vendor Nodes
Under Node Group (1) New -> (2) Name: Cisco_IOS -> (3) Save

Creating Rule
If we scroll through the CVE article below is the information we derive:

So, we would be building rule and condition to identify these lines in the configuration.
Under Rule (1) New -> (2) Name: http_check -> (3) Rule type: Configuration -> (4) Vendor : Cisco_IOS

Under Rule (1) New Logic -> (2) Logic: if A then ( B or C) -> (3) Save

Creating Condition:
Define (A) to match the software version that is vulnerable:
Under Condition (1) A -> (2) Type: Software version -> (3) Must contain : 15.5(2) -> (4) Save

Define B:
This is to match the first line of config lines in the CVE document
(1) B -> (2) Must contain: ip http server -> (3) Save

Define C
This is to match the next lines of config from the CVE article
(1) C -> (2) Must contain: ip http secure-server -> (3) Save

This completes the creation of the policy.
For testing refer to the article: How to test Compliance Policy
For creating reports refer to the article: How to create Compliance Reports
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article