CyberSecDef
commented
6 years ago Can you provide the source for this new requirement? This could have a HUGE impact on the packages we work on.
Open mitigater opened 6 years ago
CyberSecDef
commented
6 years ago Can you provide the source for this new requirement? This could have a HUGE impact on the packages we work on.
amkuchta
commented
6 years ago @mitigater I'm with @CyberSecDef on this - this is a pretty big impact, and I'd like to see where it is written before making a change.
That being siad, I believe that Vulnerator will already do what you are asking - there is a set of Checkbox controls that allow you to group items be finding. If you deselect these checkboxes, Vulnerator performs a one-to-one mapping of device affected to plugin / STIG check. Let me know if that accomplishes your goal, please!
Prerequisites
Before submitting a new issue, please ensure you have completed the following (replace the space in the box with an "x" to denote that it has been completed)
Category
Please select a category for the item being created
Description
The RAR currently reports multiple devices in in the "Devices Affected" column. The requirement has changed to only show one device per vulnerability.
Synopsis
Devices affected shows multiple devices. Requirement has changed in which one device can only be listed per vulnerability.
Expected Outcome
Actual Outcome
Reproduction Steps
Attachments
Please provide any relevant attachments, as you see fit (e.g. screenshots); if supplying vulnerability data (e.g. CKL/Nessus files or reports), please ensure that they are sanitized of IP addresses and host names and email them to alex.kuchta@navy.mil - DO NOT POST VULNERABILITY FILES HERE
C:\Users\%UserName%\AppData\Roaming\Vulnerator\V6Log.txt, where%UserName%is the user profile used to run the application