Below is an example of building a compliance policy from a CVE.
We will use CVE-2018-0282 for this case.
Creating Policy
(1) Compliance -> (2) Policies -> (3) New -> (4) Name: CVE-2018-0282 -> (5) Save
Applying to all vendor Nodes
Under Node Group (1) New -> (2) Name: Cisco_IOS -> (3) Save
Creating Rule
Reading through the CVE article, we derive the configuration lines to look for.
So we will build a rule and conditions to identify these lines in the configuration.
Under Rule (1) New -> (2) Name: http_check -> (3) Rule type: Configuration -> (4) Vendor: Cisco_IOS
Under Rule (1) New Logic -> (2) Logic: if A then ( B or C) -> (3) Save
Creating Condition:
Define (A) to match the software version that is vulnerable:
Under Condition (1) A -> (2) Type: Software version -> (3) Must contain: 15.5(2) -> (4) Save
Define B:
This matches the first of the config lines in the CVE document.
(1) B -> (2) Must contain: ip http server -> (3) Save
Define C:
This matches the next config line from the CVE article.
(1) C -> (2) Must contain: ip http secure-server -> (3) Save
This completes the creation of the policy.
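The rule built above can be sanity-checked offline before relying on it. The following is an added example, not code from the product or the original article: it evaluates "if A then (B or C)" against constructed device samples and compares a literal substring reading of "Must contain" with whole-line matching, since a substring test also matches the disabled form `no ip http server`. The device names, versions, configs, result labels and the reading of the rule as applying only when A matches are assumptions.

```python
import re

VULNERABLE_VERSION = "15.5(2)"  # condition A value from the article
HTTP_LINES = ("ip http server", "ip http secure-server")  # conditions B and C

# Constructed samples (not from real devices): name -> (software version, config)
SAMPLES = {
    "rtr-exposed": ("15.5(2)T1",
                    "hostname rtr-exposed\nip http server\nip http secure-server\n"),
    "rtr-disabled": ("15.5(2)T1",
                     "hostname rtr-disabled\nno ip http server\nno ip http secure-server\n"),
    "rtr-other": ("16.9.4", "hostname rtr-other\nip http server\n"),
}

def contains(config, text):
    """Plain substring test, the literal reading of 'Must contain'."""
    return text in config

def has_line(config, text):
    """True only when `text` is a whole config line, so 'no <text>' does not count."""
    pattern = rf"^[ \t]*{re.escape(text)}[ \t]*$"
    return re.search(pattern, config, re.MULTILINE) is not None

def evaluate(version, config, match=has_line):
    """Evaluate 'if A then (B or C)'; assumed to apply only when A matches."""
    if VULNERABLE_VERSION not in version:   # condition A
        return "not applicable"
    b, c = (match(config, line) for line in HTTP_LINES)
    return "flagged" if (b or c) else "clean"

def report(match=has_line):
    """Run the rule over every constructed sample with the chosen matcher."""
    return {name: evaluate(ver, cfg, match) for name, (ver, cfg) in SAMPLES.items()}

if __name__ == "__main__":
    for label, matcher in (("substring", contains), ("whole line", has_line)):
        print(label, report(matcher))
```

If the two matchers disagree on a device, as they do for the sample with the HTTP services disabled, check how the condition treats negated lines when testing the policy.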
For testing refer to the article: How to test Compliance Policy
For creating reports refer to the article: How to create Compliance Reports