Xray 3.X

XRAY: Validating CVE Existence In Xray DB

AuthorFullName__c
Or Naishtat
articleNumber
000005214
ft:sourceType
Salesforce
FirstPublishedDate
2022-02-21T09:48:03Z
lastModifiedDate
2022-02-21
VersionNumber
8

Validate by CVE:

SELECT * FROM public_vulnerabilities_cves WHERE cve like '%<CVE-ID>%';

Validating by Xray ID:
 

SELECT * FROM public.public_vulnerabilities WHERE vuln_id like '%<XRAY-ID>%';

 

For example, validating the existence of log4j-core in Xray 3.x PSQL database:

By CVE:

SELECT * FROM public_vulnerabilities_cves WHERE cve like '%CVE-2021-44228%';

 

By Xray ID:

SELECT * FROM public.public_vulnerabilities WHERE vuln_id like '%XRAY-191654%';




Xray 2.X

1. Get the MongoDB password from the MongoDB_Admin_pass.txt file:
cat ~/MongoDB_Admin_pass.txt

 
2. Login to MongoDB:
 mongo -u xray --authenticationDatabase xray --authenticationMechanism SCRAM-SHA-1 -p <PASSWORD>


3. Switch to Xray database:
use xray

4. Search by vulnerability by Xray ID:
db.vulnerabilities.find({"_id":"<XRAY ID>"})


5. Search by CVE:
db.vulnerabilities.find({"cves.cve" : {$regex: "<CVE>"}})
 

For example, validating the existence of log4j-core in Xray DB:

 By CVE:

db.vulnerabilities.find({"cves.cve" : {$regex: "CVE-2021-44228"}})



By Xray ID:

db.vulnerabilities.find({"_id":"XRAY-191654"})