Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials

NCM Firmware Vulnerability Not Updating

Running NCM 2020.2.5. Weekly report that we run is not updating CVE alerts and the settings are correct. The majority of switches in our network on same code version although only a few are showing NIST/CVE alerts for over 2 years ago. Existing vulnerability settings is pointing to correct feeds from NIST (2020, 2021, modified and recent JSON files). Ive ran the repair, repopulated the inventory, same results. Solarwinds support has been on this for almost 2 months. This is what they are seeing:

I checked the VulnLib log file and I found multiple error.

2021-07-15 00:35:13,298 [94] ERROR SolarWinds.NCM.VulnLib.VulnDownloader - Unable download "">nvd.nist.gov/.../nvdcpematch-1.0.json.zip".System.IO.IOException: Received an unexpected EOF or 0 bytes from the transport stream.
at System.Net.ConnectStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.IO.Stream.InternalCopyTo(Stream destination, Int32 bufferSize)
at SolarWinds.NCM.VulnLib.Help.FileSystemHelper.WriteStreamToFile(Stream stream, String filePath)
at SolarWinds.NCM.VulnLib.Help.WebDownloader.<>c__DisplayClass3_0.b__0()
at SolarWinds.NCM.Common.Help.TlsScope.Execute(Action handler, Type[] additionalExceptionTypesToHandle)
at SolarWinds.NCM.VulnLib.Help.WebDownloader.DownloadFile(String url, String fileName)
at SolarWinds.NCM.VulnLib.VulnDownloader.Download(String url, String path)

This tells us that it is having a problem with the download. Can you please log in to the Main Polling Engine and try to access the link "">nvd.nist.gov/.../nvdcpematch-1.0.json.zip".

Ive had no problems accessing this link from the main poller and pull down the correct files. Any ideas or thoughts would be helpful. Thanks.

Find more posts tagged with

Accepted answers

All comments

grizzlyferrett

@ITAlerts@Breck did you ever get a fix for this from SolarWinds Support?

I have same issue I see three vulnerabilities listed that were released in March 2021 but nothing since. Currently running 2020.2.6 HF3, so latest version of Orion with NPM and NCM.

Since March 2021 I have upgraded Orion from 2019.4 HF6 (Vulnerability download / checking was working on this version) to 2020.2.4. Further upgrade in October 2021 to 2020.2.6 HF1 and then 2020.2.6 HF3 in December.

Basically it was working on 2019.4 HF6 but no longer works in the 2020.2.x versions.

ITAlerts@Breck

Yes, it was resolved after a few months of back and forth with their SW Support. What do links you have listed for the CVE feeds?

borgan

Can you give more specifics as to how this was resolved. I am still seeing vulnerabilities for firmware versions that are no longer in use on my devices. Why does the report show vulnerabilities that are not correct?