This file probe enables to import security advisories data from the Microsoft vulnerabilities database (MSSecure) into ESIS.
| Parameter
| Description
| Default value
|
| msCveMap
| Download URL for the MS CVE map.
| http://www.cve.mitre.org/cve/
refs/refmap/
source-MS.html
|
| investigateAcceptRiskWithExploit
| If true an advisory for which an exploit is now available and with the status 'accept risk' will have its status updated to 'investigate'.
| false
|
| investigateAcceptRiskWithUpdate
| If true an updated advisory with the status 'accept risk' will have its status updated to 'investigate'.
| false
|
| investigateRepairedWithExploit
| If true an advisory for which an exploit is now available and with the status 'repaired' will have its status updated to 'investigate'.
| false
|
| renewAcceptRiskWithExploit
| If true an advisory for which an exploit is now available will be thrown again in the process loop even if it's status is 'risk accepted' within ESIS.
| false
|
| renewAcceptRiskWithUpdate
| If true an updated advisory will be thrown again in the process loop even if it's status is 'risk accepted' within ESIS.
| false
|
| renewIgnoredWithExploit
| If true an advisory for which an exploit is now available will be thrown again in the process loop even if it's status is 'ignored' within ESIS.
| false
|
| renewIgnoredWithUpdate
| If true an updated advisory will be thrown again in the process loop even if it's status is 'ignored' within ESIS.
| false
|
| renewRepairedWithExploit
| If true an advisory for which an exploit is now available will be thrown again in the process loop even if it's status is 'repaired' within ESIS.
| false
|
| rejectVulnerabilityWithoutProduct
| If true a security advisory with no defined product will be ignored. This indeed happens...
| true
|
| requiresCVE
| If activated vulnerabilities must have a CVE identifier (or alias).
| false
|
| minSeverityToImport
| Security advisories which severity level is below the threshold won't be imported.
| 0
|
| vulnerabilityPriorityMatchVendorSeverity
| The priority level is managed by the process stakeholder such as to differentiate the organization perception of this advisory priority from the severity assigned by the vendor. If true the default value for priority will be set by default to match the severity.
| false
|
| addNewVPV
| If true new (Vendor, Product, Version) will be added. For instance if an advisory for product foobar_php, version 1.0, from vendor foobar_soft is found and that this vendor or product or version is not yet known from ESIS it will be added.
| true
|
| resetVPV
| If true the list of products impacted by the advisories will be set to exactly and solely the one in the current advisory - replacing previous information.
| true
|
| rank
| This is used to manage the multiple references of advisories. Each source has a rank. Do not change this !
| 100
|
| failureOnEmptyFile
| If the processed file is empty the probe returns a failure status.
| false
|
| failureWhenNothingImported
| If the processed file can’t be used to import data a failure status is set to the probe.
| false
|