Welcome to OCS Inventory NG community support, where you can ask questions and receive answers from other members of the community.

Please ask questions only in English or French.

Release 2.12.3 available

The official documentation can be found on https://wiki.ocsinventory-ng.org. Read it before asking your question.

How to config OCS server v2.11.1 with CVE-Search?

Hello guys,

I have an OCS server running on Oracle Linux 8.6 and a CVE-Search running on Ubuntu 20.04.
Both configured according to the OCS manual at https://wiki.ocsinventory-ng.org/ and the CVE-Search manual at https://cve-search.github.io/cve-search/

But I don't know why OCS doesn't show the vulnerabilities when I run the cron_cve.php script. It doesn't show any errors either, I've already checked the logs and I didn't find the problem. I manage a fleet of more than 2000 machines and the integration with CVE as the manual presents would be very good if I could really make it work. Does this feature only work on the paid version of OCS or should it work on the free version as well?
Could someone help me solve this integration problem?

I thank you for your help.

in OCS Inventory NG server for Unix by (270 points)
edited by

6 Answers

+1 vote

Hi @Will,

cve-search works with all versions of the OCS server from v. 2.7 and you won't get better by paying...

Did you run the 2 CVE cron scripts correctly ? Have you enabled verbose mode in the OCS's GUI ?

In the configuration of OCS (VULN_CVESEARCH_HOST), is the access to the cve-search server in the form 192.168.1.1:5000 ?

Note : You need to be able to access the GUI cve-search server the same way (192.168.1.1:5000)

by (32.6k points)
0 votes

Hi Steph,

Thank you very much for your attention and your answer.

I ran the 2 CVE cron scripts correctly. First the cron_all_software.php and cron_cve.php according to manual at wiki ocs and enabled verbose mode in OCS's GUI. I revised all the settings and realized that the problem was with the cve-search configuration. I could not access the server IP on port 5000.
I adjusted the configuration in cve-search: <<install_dir>>/etc/configuration.ini

[Webserver]
Host: 127.0.0.1
Port: 5000
Debug: True
PageLength: 50
LoginRequired: False
OIDC: False
CLIENT_ID: xx
CLIENT_SECRET: xx
IDP_DISCOVERY_URL: xx
SSL_VERIFY: False
SSL: True
Certificate: ssl/cve-search.crt
Key: ssl/cve-search.key
WebInterface: Full
MountPath: /MOUNTY/MC/MOUNT

and in OCS (VULN_CVESEARCH_HOST) as you informed and then the communication between OCS and CVESearch server which is configured locally worked.

Now I found another problem. I have nine OCS servers as slaves and one as master. All slaves communicate with CVESearch server and process the vulnerabilities but the master is not working. I revised all the settings on the master, they are the same as the slaves settings but it doesn't work. What could it be this time? Can you help me again?

Once again thank you very much, as your answer helped a lot to solve the first problem.

Thanks!

by (270 points)
edited by
+1 vote

The cron_cve_computer.php file is also to be executed (it is especially of him that I was thinking)

Is the master CVE-Search server in the same network as the 9 others ?

Note: The CVE-Search server on a remote link can take several hours (even several days) to report vulnerabilities from ~2000 machines... how much softwares ?

> The manual execution (in SSH) of the cron_cve.php file by activating the verbose mode allows to observe the steps until the end and the duration...

by (32.6k points)
0 votes
Very nice, very cool, excellent...

I believe that only the execution of this file was missing. All servers are on the same network. Now it's all right. Very very good. Great!

It is reporting CVE from ADOBE AIR and OPENVPN but from MOZILLA FIREFOX it does not report anything. How to make some rules or create a regex to find all Firefox CVEs?

I tried to do as in (https://wiki.ocsinventory-ng.org/04.Management-console-and-its-advanced-features/CVE-Search-match-regex/) but without success.

Thank you very much Steph!
by (270 points)
+1 vote
Good if it works better now for you !

I too have created several RegEx rules in OCS Inventory (especially for Microsoft Office) but without success.

I have serious doubts about the effectiveness of this feature (perhaps it has been fixed in the latest versions of the server ?)
by (32.6k points)
0 votes
Thank you very much Steph, your answers helped me a lot.

Thank you for your help in this question.

Very nice!
by (270 points)
 
Powered by Question2Answer
...