Listing Vulnerabilities in a Host Scan
View details about potential OS vulnerabilities that were detected on a specific Compute instance.
Oracle uses common vulnerabilities and exposures (CVE) numbers to identify security vulnerabilities for operating systems and other software, including critical patch updates and security alert advisories. CVE numbers are unique, common identifiers for publicly known information about security vulnerabilities. View Qualys IDs (QIDs) in the Vulnerability Scanning service user interface.
Qualys ID (QID) numbers are unique identifiers assigned by Qualys to identify security vulnerabilities. View QIDs in the Vulnerability Scanning service user interface or in the Qualys VMDR user interface on the Vulnerabilities Tab.
Because Oracle Linux and other enterprise Linux distributions back port security fixes to the version that's included in a specific major release, the Vulnerability Scanning service can incorrectly report vulnerabilities on OS packages that have already been fixed. Also, the Vulnerability Scanning service can incorrectly report Oracle Linux vulnerabilities that were fixed by Ksplice. See Troubleshooting the Vulnerability Scanning service.
You can also use vulnerabilities reports to browse all vulnerabilities that the Vulnerability Scanning service detected.
Use the oci vulnerability-scanning host vulnerability list command and required parameters to retrieve a list of the vulnerabilities for a host in a compartment:
export compartment_id=<substitute-value-of-compartment_id> # https://docs.cloud.oracle.com/en-us/iaas/tools/oci-cli/latest/oci_cli_docs/cmdref/vulnerability-scanning/host/vulnerability/list.html#cmdoption-compartment-id oci vulnerability-scanning host vulnerability list --compartment-id $compartment_id
For a complete list of flags and variable options for CLI commands, see the Command Line Reference.
Run the ListHostVulnerabilities operation to retrieve a list of the vulnerabilities for a host in a compartment.