Open willmayhone88 opened 2 months ago
show vulnerability information to end users via the My Device page.
Hey @willmayhone88, today end users can see which software is vulnerable on their My device page. The end user can see the CVEs.
Here's the Software tab on my Mac's My device page:
Closing this issue. Please re-open if I'm misunderstanding the request.
Vulnerabilities, Visible to end users, Security blooms.
@noahtalerman reopening, as I probably didn't add as many details. While the end user can see the vulnerability, they just get the vulnerability number. The request was for it to also be a clickable link that can provide more information on the CVE, similar to how we can click that in the Fleet UI and it links externally to NVD.
Problem
TODO Currently only Fleet admins have the ability to view vulnerabilities in Fleet, and vulnerably software/hosts. With the My Device page, being able to already show failed policies, an extension to this could be to show vulnerability information to end users via the My Device page. This can help give end users visibilities to potentially vulnerable software on their devices.
Potential solutions