In Oracle Cloud Infrastructure (OCI), vulnerability scanning services are offered to help ensure the security of your infrastructure. The OCI vulnerability scanning service is designed to scan virtual cloud networks (VCNs) and identify vulnerabilities in the cloud infrastructure.
In this post, we explain the approach we can take to mitigate the risk once a CVE is detected. Before we do so, I would suggest going through the official Oracle documentation for VSS.
You can access the vulnerability scanning service in OCI through the OCI console. Here's a brief guide on how to do it:
1. Log in to the OCI Console.
2. Open the "Security" menu.
3. Click on "Security Advisor".
4. Navigate to "Vulnerability Scanning".
Now, let us go through the remediation steps. You might get the CVEs as listed below.
If we click on "View Details", we might see the information below for cause and remediation.
The errata details can be found in the link, which is considered the database for CVEs.
The server already had version 4.5.0-36.el7_9.5 installed:
rpm -qa|grep libvirt
Thus, we came to the conclusion that the CVEs are being reported for the existing package on the server and that, in order to mitigate them, we need to upgrade the version to 5.
Steps:
1. cd /etc/yum.repos.d
2. Took the backup of file public-yum-ol7.repo
3. Took the backup of boot volume
4. In the file public-yum-ol7.repo, enabled the flag as 1 for section
5. yum update
6. Reboot the server
7. Disable and enable VSS
8. Verify the Scanning report
9. Check with the application team for sanity before moving it to next higher instances
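The version check behind the rpm -qa|grep libvirt step and the verification after the update, as an added shell example that is not part of the original post: it lists the packages in an rpm -qa listing that are still older than the fixed version from the errata. The function names, the sample listing and the FIXED_EVR value are constructed placeholders, and the comparison assumes GNU sort -V, which approximates RPM version ordering and ignores epochs.

```shell
#!/bin/sh
# Added example (not from the original post): list packages that are still
# older than the fixed version given in an errata.

# Placeholder: replace with the version-release from the errata. The post only
# says "version 5"; 5.0.0-0 is a constructed stand-in.
FIXED_EVR="5.0.0-0"

# evr_older A B: succeeds when version-release A sorts strictly before B.
# Assumption: GNU `sort -V` approximates RPM ordering; epochs are ignored.
evr_older() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# stale_packages PREFIX FIXED: reads `rpm -qa` lines (name-version-release.arch)
# on stdin and prints "name version-release" for every package whose name
# starts with PREFIX and whose version-release is below FIXED.
stale_packages() {
    prefix="$1"; fixed="$2"
    while read -r line; do
        nvr="${line%.*}"              # drop ".arch"
        nv="${nvr%-*}"                # drop "-release"
        name="${nv%-*}"               # drop "-version"
        evr="${nv##*-}-${nvr##*-}"    # "version-release"
        case "$name" in "$prefix"*) ;; *) continue ;; esac
        if evr_older "$evr" "$fixed"; then printf '%s %s\n' "$name" "$evr"; fi
    done
}

# Constructed sample of `rpm -qa` output. The 4.5.0-36.el7_9.5 entries use the
# version quoted in the post; the other lines are made up for the example.
sample_rpm_qa() {
    cat <<'EOF'
libvirt-libs-4.5.0-36.el7_9.5.x86_64
libvirt-client-4.5.0-36.el7_9.5.x86_64
libvirt-daemon-5.7.0-1.el7.x86_64
openssl-libs-1.0.2k-26.el7_9.x86_64
EOF
}

# On a real host: rpm -qa | stale_packages libvirt "$FIXED_EVR"
sample_rpm_qa | stale_packages libvirt "$FIXED_EVR"
```

An empty result after the update and reboot means no package with that prefix is below the fixed version, which is what the next VSS scan report should confirm.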
These are the many ways through which we can mitigate the CVEs being reported by VSS in OCI. I hope this post will help someone. Till then, happy learning cloud.
OCI Vulnerability Scanning Services are crucial for cloud security! For robust tools, PathofBuilding is a great choice.