Garrison Agent - CVE Details

This is a part of the Garrison security project. This agent provides CVE checks.

Checks Provided

Function Name	Description
check_cve_details	Alerts for latest 30 CVEs found for a particular vendor and/or products.

Installation & Example

Docker Hub - https://hub.docker.com/r/forward3d/garrison-agent-cve-details/

docker pull forward3d/garrison-agent-cve-details
docker run --rm -e "GARRISON_URL=https://garrison.internal.acme.com" -e "GARRISON_CVE_VENDOR_ID=7252" -e "GARRISON_CVE_VENDOR_NAME=ruby" -e "GARRISON_CVE_PRODUCT_IDS=12215" -e "GARRISON_CVE_PRODUCT_NAME=ruby" forward3d/garrison-agent-cve-details check_cve_details

Check Specific Configuration

Some checks provided by this agent have extra configuration options.

check_cve_details

Environmental Variable	Note
GARRISON_CVE_VENDOR_ID	Vendor ID you want to search for
GARRISON_CVE_VENDOR_NAME	Vendor name to show on the alert
GARRISON_CVE_PRODUCT_IDS	Product IDs you want to search for
GARRISON_CVE_PRODUCT_NAME	Product name to show on the alert, this is so you can group them up under one name, as sometimes you may have multiple product IDs for the same thing, eg. Cisco ASAs have a hardware product ID, and a firmware product ID

If you don't specify GARRISON_CVE_PRODUCT_IDS and GARRISON_CVE_PRODUCT_NAME then it will pull CVEs from all the vendor products.