This PR makes the scheduler aware of the KEV field in tickets.
As per the requirements, when a host has a ticket with details.kev set to true the scheduler will schedule this with the same priority as a critical vulnerability.
π Motivation and context
These changes makes no sense. I have no idea why we are doing it. See: cisagov/cyhy-system#38
All vulnerabilities that end up in the "Known Exploited" catalog will already have high priorities from their CVSS scores.
Closing language:
Placates and closes cisagov/cyhy-system#38
Closes cisagov/cyhy-system#44
Closes cisagov/cyhy-system#45
π§ͺ Testing
[x] Tested by scanning a host with a vulnerability that is listed in the KEV but no other concurrent criticals on the same host.
β Pre-approval checklist
[x] This PR has an informative and human-readable title.
[x] Changes are limited to a single goal - eschew scope creep!
[x] All relevant type-of-change labels have been added.
π£ Description
This PR makes the scheduler aware of the KEV field in tickets. As per the requirements, when a host has a ticket with
details.kev
set totrue
the scheduler will schedule this with the same priority as a critical vulnerability.π Motivation and context
These changes makes no sense. I have no idea why we are doing it. See: cisagov/cyhy-system#38 All vulnerabilities that end up in the "Known Exploited" catalog will already have high priorities from their CVSS scores.
Closing language:
π§ͺ Testing
β Pre-approval checklist