Can we add information about an exploit being available for a Finding? #11920
Hi all, one important piece of information in our vulnerability management process is whether an exploit is available for a certain vulnerability or not. Given that we have one Finding per CVE in DefectDojo, is there any official field to set to true if an exploit is available for that CVE? If not, any reason for that? That seems like basic information about a vulnerability and many security tools include it. A similar discussion is found here: #9736, but in that case no one explained the lack of a property for exploit available at the Finding level. Thanks a lot
Replies: 1 comment 2 replies
Hi, There's no separate field to capture the fact that an exploit is available or not. The CVSS field does have the possibility to capture it, along with the maturity level of the exploit. I can imagine that it could be useful to have a separate field for this in Defect Dojo. The best way forward would be to create a feature request via https://github.com/DefectDojo/django-DefectDojo/issues/new?template=feature_request.md and specify your request in more detail. For example, including the places in Defect Dojo that would/should be affected by this new field. For example, filters and/or reports. Valentijn
Hi,
There's no separate field to capture the fact that an exploit is available or not. The CVSS field does have the possibility to capture it, along with the maturity level of the exploit. I can imagine that it could be useful to have a separate field for this in Defect Dojo.
Would this field need to be a simple Yes/No boolean/checkbox field? Or should it be a dropdown to select a maturity level?
The best way forward would be to create a feature request via https://github.com/DefectDojo/django-DefectDojo/issues/new?template=feature_request.md and specify your request in more detail. For example, including the places in Defect Dojo that would/should be affected by this new field. For example …