2.2 Using CVEs with ZENworks Patch Management

With Patch Management, after the patches are downloaded to the ZENworks server and a patch scan is performed, you can identify the vulnerable devices in your zone. However, you cannot easily identify the vulnerability that a given patch addresses: you need to view the Patch Details window, or you need to know the CVE ID so that you can search for it. As part of the Security feature, ZENworks now provides a new security view that simplifies setting up and tracking security in your zone. The vulnerability-based view and approach to remediation lets you quickly grasp the security posture of your devices: you identify patches based on the CVE information and then remediate the vulnerable devices by applying the relevant patch policy or remediation bundle. The process by which ZENworks identifies these vulnerabilities is as follows:

  1. Create and run a CVE subscription to import data from the NVD repository.

  2. Create and run a Patch subscription to import data from the Patch Content repository.

    After the CVE and Patch subscriptions are run, CVEs and Patches are imported to the configured ZENworks Server.

  3. ZENworks maps the patches to the CVEs, based on the CVE ID associated with the patch signature.

    When a patch scan is performed on devices as part of the device refresh, the vulnerable devices are identified. Users can also configure the patch scan schedule, or manually run the initiate patch scan quick task, as required.

  4. The applicable patches are then deployed on the vulnerable devices, either through patch policies or through remediation bundles.

After all the patches mapped to a CVE are installed on the device, the device is no longer vulnerable to that CVE.
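The mapping and remediation logic described in steps 3 and 4, as an added illustration that is not ZENworks' own code: patches are indexed by the CVE IDs in their signatures, a device counts as vulnerable to a CVE while the scan still reports one of that CVE's patches as missing, and it stops being vulnerable once every mapped patch is installed. All patch IDs, CVE IDs and device names below are constructed placeholders.

```python
# Added example modelling the CVE -> patch -> device logic described above.
# Illustrative code only, not ZENworks' own; every record is constructed.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Patch:
    patch_id: str
    cve_ids: frozenset  # CVE IDs carried by the patch signature (step 3)


@dataclass
class Device:
    name: str
    # Patches the patch scan reported as applicable but not yet installed
    missing: set = field(default_factory=set)


def map_cves_to_patches(patches):
    """Step 3: index imported patches by the CVE IDs in their signatures."""
    cve_to_patches = {}
    for patch in patches:
        for cve_id in patch.cve_ids:
            cve_to_patches.setdefault(cve_id, set()).add(patch.patch_id)
    return cve_to_patches


def vulnerable_devices(cve_id, cve_to_patches, devices):
    """Devices still missing at least one patch mapped to the CVE.

    A CVE with no mapped patch yields no devices: without a patch
    signature there is nothing for the scan to report as missing."""
    needed = cve_to_patches.get(cve_id, set())
    return sorted(d.name for d in devices if d.missing & needed)


def remediate(device, patch_ids):
    """Step 4: patches deployed (policy or remediation bundle), then rescanned."""
    device.missing -= set(patch_ids)


# Constructed sample data: two patches from the Patch subscription, one CVE
# covered by both patches and one CVE covered by a single patch.
PATCHES = [
    Patch("PATCH-A", frozenset({"CVE-0000-0001", "CVE-0000-0002"})),
    Patch("PATCH-B", frozenset({"CVE-0000-0001"})),
]
DEVICES = [
    Device("ws01", {"PATCH-A", "PATCH-B"}),
    Device("ws02", {"PATCH-B"}),
    Device("ws03", set()),  # fully patched
]
MAPPING = map_cves_to_patches(PATCHES)
```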