NCM's Vulnerability Summary doesn't appear to take the current Cisco IOS version into account when presenting Vulnerability information. NCM should not display false-positive alerts.
Here's what's going on:
Switch: a new Cisco 4510R+E running 3.8.1 IOS
NPM Vulnerability Alert: CVE-2002-1357
NIST Vulnerability Details: NVD - Detail
The NIST Vulnerability Details show this vulnerability is present on version 12 IOS code, from back in 2002. It's NOT on 3.8.1 code. NCM should not list this switch as "potentially" vulnerable to any issues that aren't associated with its actual code version.
But it does.
I'd like NPM to only present actual vulnerabilities, not false positives.
If there's a way to refresh or update Vulnerabilities listed in NCM, based on actual hardware and IOS code issues that really are risks or problems, then I want that to happen. If it doesn't happen through Solarwinds' abilities to hotfix or upgrade/update NCM and NPM, then I have to manually evaluate hundreds of CVE's and the switches or routers to which they "may" apply. That makes a LOT of work for my team, and Solarwinds products should be all about reducing make-work and false positives, not generating more.
If you want only real vulnerabilities showing up in NPM for your hardware, this Feature Request should get your vote.
Vote it up, friends!
Top Comments