Feature Request: Affected Hardware relationship for CVE

nautobot / nautobot-app-device-lifecycle-mgmt

Device Lifecycle Management App for Nautobot

https://docs.nautobot.com/projects/device-lifecycle/en/latest/

Other

41 stars 26 forks source link

Feature Request: Affected Hardware relationship for CVE #88

Open Brugal87 opened 2 years ago

Brugal87 commented 2 years ago

Environment

Nautobot version: N/A
nautobot-plugin-device-lifecycle-mgmt version: latest

Proposed Functionality

For CVE records, add a Affected Hardwares (device type) relationship. A lot of CVEs applies only to certain device types, even if they have the same OS as others belonging to the same manufacturer.

Use Case

Cisco published CVE-2022-20714. It only affects ASR 9000 series. If you have ASR 1000 series with the same IOS-XE version they will appear as affected.

divedo commented 2 years ago

+1 . I have reached the same point than @Brugal87