Link to home
Start Free TrialLog in
Avatar of janhoedt

asked on

CVE score: Docker, Powershell ...


Please see

I could also use Docker to run on my Windows 2016 labserver and install the  CVE stuff on it:

Just wonder: howto do this? When it is there, how can I scan for a CVE score, f.e. Firefox 60.1, what is its CVE score (preferrably Powershell based (run a ssh session or other options?)?

Avatar of David Favor
David Favor
Flag of United States of America image

Docker is a lightweight container system.

If you're trying to run Windows, likely LXD + VirtualBox + Windows will be a better fit.

To do a CVE scan, you'll follow the installation + scanning process described on the GitHub URL you provided.

Keep in mind...

Windows != Linux

This means you'll likely have to jump through some hoops to either install the CVE scanner on Windows or create/export a filesystem from your Windows install your Linux Distro can understand.
Scanning the cve-search page... fastest approach to getting your CVE scanning working will be to do a Windows install using a filesystem Linux can understand.
Avatar of janhoedt


Thanks a lot, but I wonder what new info you provided.

I know Docker, why would I install Linux when there are Docker images for cve.

Linux is not Windows, that s correct.

Follow the link I provided. Ok.

But nowhere I find a way to find a cve score for a version of a software f.e. Mozilla Firefox 61, like I mentioned.

" fastest approach to getting your CVE scanning working will be to do a Windows install using a filesystem Linux can understand."

There you totally lost me. A Windows install what Linux understands. Ehm, to do.what exactly? No. You lost me.

For Windows 2016 to run Docker apps, it will need at least Docker Engine - Enterprise. There steps for installing it using OneGet PowerShell Module that was shipped in Windows 10 and 2016.

With the installed Docker engine, we need to pull the cve-search image down and then run it. I saw there is ready package Dockerfile though it may be quite a while back.

docker run -d -p 5000:5000 --name cve ttimasdf/cve-search:withdb

Open in new window

  • The database will be downloaded when the container is first launched, this can take some time.
  • You can then run, for example docker exec -it [CONTAINER] -f nagios -n or other scripts provided by cve-search to interact with the database.
  • Use docker exec -it [CONTAINER] cvedb -u to update the database.
  • Most importantly, you can use the WEB INTERFACE at port 5000 (or whatever you exposed)

Thereafter, the cve-search usage will then follow the example in

Thanks. Looking good. But again: how can I get a version, f.e. Firefox 61 out of it using Powershell.

Don t see an option to get a version and don't see howto get it via Powershell.

If I cannot automate it via Powershell, it's pretty useless to me ( I d need to map existing software in sccm to its cve score ).

Then I might as well browse to cve site and search it by hand (which I won't because it would be a day job keeping that up to date).

Understand. Since you are not into scripting, as automate the HTTP get thru Powershell will take efforts, professional services is required. What looks more easier for you to use Python.

Anyway, either you go online, which you can also automate , or go for the NVD tool with ready PS to use.

Since you are not into scripting

>What makes you think that?

The title of my question contains Powershell, that s scripting. I do want to automate everything via Powershell, that s the whole idea.

I m just missing the link here: I have my cve db in a Docker. Great, how do I query this via Powershell so I can match the sccm applications to cve score?

Powershell has web calls similar to curl.. which is to make http queries. So if the docker presents as the web services as I shared in the docker example, then it will make it possible to query it via the port exposed. 

That makes so sense. Why install a local db then? Then you might as well crawl the public site. Which is what I don't want to do since, besides it is slow, you have to build up logic depending on the way they format the site. If it is redesigned, it won't work anymore.

This would make sense:

Sure you can query direct to the db which is faster, and what I suggested is more to use its exposed interfaces . Extracted in cve search

The web interface is a minimal interface to see the last CVE entries and query a specific CVE. You'll need flask in order to run the website and Flask-PyMongo. To start the web interface:

cd ./web ./ 

Open in new window

Then you can connect on to browser the last CVE.

My question from the start is to query via Powershell, why you go for html again and again?
I m not interested to browse to an html page. I need to automate cve search, why would I want to browse??
Avatar of btan

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Still no final solution, but I gave up.