0 Replies Latest reply on Nov 17, 2016 4:11 PM by tonyg.

    What's the best way to automate Cisco vulnerability impact assesment using SolarWinds?

    tonyg.

      I have a responsibility to assess whether Cisco equipment that I support is impacted by vulnerabilities that are published by Cisco.  Most Cisco vulnerability articles include commands that can be run to see if a certain feature that has a known vulnerability is enabled on a device.  For example, CVE-2016-6385 (as described here https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-smi#fixed) says that you can use a command, show vstack config, to see if the Smart Install client feature is enabled on a switch.

       

      Is there a good way to use my SolarWinds system to automate running this command on devices that match the models and software versions that are impacted by this vulnerability and see the output of that command per device?  I have NCM 7.4 installed.

       

      Thanks in advance for any help you could provide!!