Summary
The customer faces an issue where the product status in Software Vulnerability Manager is incorrect.
Cause
- The product detection rule is not available in the product vulnerability database.
- Vulnerability Database hasn't been synced with Flexera SVM backend
Diagnoses
- The product detection rule is not available in the product vulnerability database.
- Login to the SVM database
MySQL -u root -p
- Select the Vulnerability Database
Use vuln_track;
- Execute this command to check the os_soft_id in the Vulnerability database
SELECT os_soft_id FROM os_soft WHERE os_soft_name LIKE 'put product name here';
- Use the os_soft_id as product ID in the below command to check the detection rule.
SELECT * FROM vuln_track.sr_match_files WHERE product_id =put product ID here;
Please note: If the above query doesn’t provide a result, this means the product detection rule is not available in the vulnerability database for tracking and issuing an advisory.
- Vulnerability Database hasn't been synced with Flexera SVM backend
- Login to the SVM database
MySQL -u root -p
- Select the Vulnerability Database
Use vuln_track;
- Execute this command to check the product ID in the Vulnerability database
select MAX(vuln_create_date) from vuln_track.vuln;
Please note: If the above query doesn’t provide a current date and shows an old date, this means the Vulnerability Database hasn’t been synced.
https://community.flexera.com/s/Software-Vulnerability-Manager/Coffee-Break-Series-1-Checking-the-Vulnerability-Database-is-up/ta-p/169096
Solution
Product detection rule is not available.
The customer needs to suggest the software via his SVM cloud portal, so the Flexera File Signature team can add the product to the database for tracking and detection rule.
SVM > Configuration > Suggest Software
Vulnerability Database hasn't been synced with Flexera SVM backend
- Check your SVM onpremise server public IP
If the public IP has been changed and Flexera SVM backend whitelisted public IP is old then the Vulnerability database will not get the latest vulnerability information
- Tail the /usr/local/Secunia/csi/log/sync.log for any errors etc
tail -n 1000 /usr/local/Secunia/csi/log/sync.log
If you see errors in the sync log or the public IP has been changed, then please contact Flexera SVM support.
Important: The SVM on-premise customers cant suggest the software from their SVM portal via IE, so they need to request SVM support to provide them the SVM cloud account with one host license, so they can suggest the software.
Are you sure you want to cancel the case creation?
Are you sure you want to close this case
| Products | Region | Phone Numbers |
|---|---|---|
| FlexNet Operations FlexNet Embedded FlexNet Publisher FlexNet Connect FlexNet Code Insight InstallAnywhere InstallShield |
North America * |
+1 630-332-2513 (toll) +1 877-279-2853 (toll-free in North America) |
| Europe * |
+44 1925 944367 (toll) +44 800 047 8642 (toll-free in Europe) |
|
| Japan * | +81 3-4540-5335 (select option 2) | |
| Australia * |
+61 3 9895 2177 +61 1800 560 603 (toll-free in Australia) |
|
|
Usage Intelligence (formerly
Revulytics) Compliance Intelligence |
Please use the Case Portal to submit your support ticket or reach out to your Revenera contact. | |
Case id: 00001065
Activity: Status change: 2 hours ago