Purpose
This guide outlines the step-by-step process to verify the detection of vulnerabilities on a system, cross-check installed packages, and ensure proper patch management and repository configuration.
Prerequisites
Access to system scan output (
system-characteristics.xml)Vulnerability scan results (
vulnerability-results.xml)Vulnerability definitions (
vulnerability.xml)Patch information (
missingpatchcollection.json)Basic knowledge of RPM package versions (EVR: Epoch:Version-Release)
Step 1: Identify Installed Packages
Open the system scan output file:
system-characteristics.xml.Locate installed applications under the
<rpminfo>entries.Identify the package of interest using the
idattribute.
Example:Record the
id, package name, and version.
Step 2: Match Against Vulnerability Results
Open
vulnerability-results.xml.Locate the entry corresponding to the package
idfrom Step 1.Check the
resultfield:true→ Vulnerability detectedfalse→ No vulnerability detected
Example:
Step 3: Correlate with Vulnerability Definitions
Open
vulnerability.xml.Search for the
test_idretrieved from Step 2.Locate the
<rpminfo_test>block associated with this test.
Purpose: This defines the criteria used to determine vulnerability.
Step 4: Locate the State Reference
Within
<rpminfo_test>, find thestate_refvalue.
Example:state_refprovides the expected version threshold for the vulnerability evaluation.
Step 5: Perform Criteria Check
Compare the installed package version (from Step 1) with the EVR string in
state_ref.Check:
If installed version matches or is lower than
state_ref→ VulnerableIf installed version is higher than
state_ref→ Not vulnerable
Document the evaluation result.
Step 6: Verify Patch Version / Repository
Open
missingpatchcollection.json.Identify the installed patch version for the package.
Cross-check with the repository information:
Patch corresponds to the current major release → Current repository
Patch corresponds to the previous major release (N-1) → Using N-1 repository
Document repository usage to verify compliance with patch management policy.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article