CVE Module (Concept and Principles)
Medulla has introduced a new feature that allows the inventory database to be compared with CVE search APIs based on three CVE database models: NVD (U.S.), CIRCL (Luxembourg), and EUVD (European Union).
This real-time comparison of the inventory database with these three databases enables the detection of all CVE-related anomalies and provides system administrators and security teams with visibility into vulnerabilities on workstations linked to applications that are out of date or need to be updated across the network.
This module allows you to perform the following actions:
- View and launch a vulnerability scan across the entire fleet of machines managed in the Medulla interface
- View and launch a vulnerability scan by entity.
- View and launch a vulnerability scan by group.
- View the results of all CVEs across the fleet.
For each CVE reported in the module, we organize a ranking based on the severity priority of the vulnerability:
- Low priority
- Medium priority
- High priority
- Critical priority
A banner at the top of the module page provides a summary and an overview of the status of security vulnerabilities across the fleet.
This banner displays:
- The total number of CVEs across the fleet.
- The number of critical CVEs
- The number of high-severity CVEs
- The number of medium-severity CVEs
- The number of low-severity CVEs
- The number of affected machines.
To access this module, click the security button:
