You are not logged in.
Has anyone implemented a link between the GLPI software inventory database and the CVE (Common Vulnerabilities and Exposures) or NVD (National Vulnerability Database) so that tickets can be raised automatically against software that has reported vulnerabilities.
If not, that would make a great plugin, but alas, I am not a good coder!
Offline
Hello,
I'm looking into IVA (https://github.com/lbenthins/iva)
It uses the GLPI software database.
More to come when I will try it
Offline
Hello,
I would like to bring up this topic again, because IVA will probably not be developed further and many used modules are unfortunately not supported since the beginning of 2020.
Does anyone here have any idea how this could still be implemented?
Greetings from Germany
Mitsch94
Offline
I've messed around with several ideas for a similar plugin. I've uploaded what I have so far here (far from production-ready):
https://github.com/cconard96/glpi-cve-plugin
It requires that you have a "cve-search" server or container running much like the "iva" solution above to host a database of CVE information and manage updating it from official sources.
Right now, my plugin needs to add something similar to the dictionaries used by GLPI because it is unlikely your inventory in GLPI matches the CVE vendor and product names exactly.
For example, you may have "Microsoft Corporation" when the vendor name has to be "Microsoft".
It also needs to cache some CVE information in GLPI's DB because for some products due to the shear amount of information returned from the cve-search API.
GLPI Collaborator and Plugin Developer.
My non-English comments are automated translations. Sorry for any confusion that causes.
Mes commentaires non anglais sont des traductions automatiques. Désolé pour toute confusion qui cause.
Mis comentarios que no están en inglés son traducciones automáticas. Perdón por cualquier confusión que cause.
Offline
I've messed around with several ideas for a similar plugin. I've uploaded what I have so far here (far from production-ready):
It requires that you have a "cve-search" server or container running much like the "iva" solution above to host a database of CVE information and manage updating it from official sources.
Right now, my plugin needs to add something similar to the dictionaries used by GLPI because it is unlikely your inventory in GLPI matches the CVE vendor and product names exactly.
For example, you may have "Microsoft Corporation" when the vendor name has to be "Microsoft".
It also needs to cache some CVE information in GLPI's DB because for some products due to the shear amount of information returned from the cve-search API.
thank you very much - I will have a look and try it
Last edited by Mitsch94 (2020-11-29 11:47:27)
Offline
I've messed around with several ideas for a similar plugin. I've uploaded what I have so far here (far from production-ready):
https://github.com/cconard96/glpi-cve-pluginIt requires that you have a "cve-search" server or container running much like the "iva" solution above to host a database of CVE information and manage updating it from official sources.
Right now, my plugin needs to add something similar to the dictionaries used by GLPI because it is unlikely your inventory in GLPI matches the CVE vendor and product names exactly.
For example, you may have "Microsoft Corporation" when the vendor name has to be "Microsoft".
It also needs to cache some CVE information in GLPI's DB because for some products due to the shear amount of information returned from the cve-search API.
Hi,
This looks very promising ..
I never made the IVA setup fully functional and I moved on to something... But the idea is still there and your plugin looks very interesting.
I will follow this closely !
It's a shame I have no development skills... I would have been glad to help :-/
Offline
I've messed around with several ideas for a similar plugin. I've uploaded what I have so far here (far from production-ready):
https://github.com/cconard96/glpi-cve-pluginIt requires that you have a "cve-search" server or container running much like the "iva" solution above to host a database of CVE information and manage updating it from official sources.
Right now, my plugin needs to add something similar to the dictionaries used by GLPI because it is unlikely your inventory in GLPI matches the CVE vendor and product names exactly.
For example, you may have "Microsoft Corporation" when the vendor name has to be "Microsoft".
It also needs to cache some CVE information in GLPI's DB because for some products due to the shear amount of information returned from the cve-search API.
Hi,
What is the status of the plugin ?
Do you need anything to make progress ? Can I help ?
Thanks a lot !
Offline
woow, that's cool! Is it possible to use it or do you need a bit more finetuning?
Offline
It doesn't seem compatible with the newer CVE-search servers which I'll look at later.
Beyond that, it currently times out for software with a lot of CVEs since none of that information is cached and, at least previously, their API didn't have the right options for me to get only a few results at a time and paginate them.
I'm more focused on the core GLPI development right now but I welcome any community contributions.
GLPI Collaborator and Plugin Developer.
My non-English comments are automated translations. Sorry for any confusion that causes.
Mes commentaires non anglais sont des traductions automatiques. Désolé pour toute confusion qui cause.
Mis comentarios que no están en inglés son traducciones automáticas. Perdón por cualquier confusión que cause.
Offline
Thanks for your feedback.
I wish I could help you with the development but I have no skill in PHP development at all !
All I can do is test and report (and help with some Powershell scripts if you need).
I feel useless :-(
Offline
Thanks for your feedback.
I wish I could help you with the development but I have no skill in PHP development at all !
All I can do is test and report (and help with some Powershell scripts if you need).
I feel useless :-(
PHP isn't that difficult, dont worry :-)
Unfortenately my time is to limited due the current situation.
Last edited by doesntMatter (2021-06-14 15:06:05)
Offline