This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Top CVE findings on your virtual machines

Posted on 06-20-2024 03:51 AM
subrahmanyam425
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi,

I am facing issue with Security Command Center(RiskOverview) page and given detailed steps as below.

  1. I have permissions for Security Command Center(SCC) with "Enterprise" at Organization level and  "Premium" at Project level. 
  2. But I could not be able to see any information in "RiskOver" page for  "Top CVE findings on your virtual machines". 
  3. I have gone through various SCC documentations and changed IAM permissions for my account to see the information for  "Top CVE findings on your virtual machines".
  4. After trying a lot of ways, I came to here for a solution. Please suggest how to proceed further and if any other information is required from myside, please let me know. I will provide the required information.

Thanks and regards,
Subrahmanyam

0 4 293
Topic Labels
0 Likes
4 REPLIES 4

Posted on --/--/---- --:-- AM
vaskenh
Staff
Reply posted on --/--/---- --:-- AM

Hi @subrahmanyam425 .  This feature requires enabling VM Manager.  Please see the below documentation on VM Manager and the associated setup process. 

https://cloud.google.com/security-command-center/docs/concepts-security-sources#vm_manager 

0 Likes

Posted on --/--/---- --:-- AM
subrahmanyam425
Bronze 1
Bronze 1
In response to vaskenh
Reply posted on --/--/---- --:-- AM

Hi @vaskenh 

I have previously followed it and also enabled VM manager API in my current project as well but that solution did not work for me.. I was able to see all components in Risk Overview page(SCC) except the "Top CVE findings on your virtual machines". For better understanding, I am attaching a screenshot. 

For your information, I have installed xz-utils vulnerability and also see CVE under compute engine( under OS_Info). But the same(CVEs) are not reflecting in Findings page as well as "Top CVE findings on your virtual machines".

subrahmanyam425_0-1719290181209.png

 






0 Likes

Posted on --/--/---- --:-- AM
andras
Staff
In response to subrahmanyam425
Reply posted on --/--/---- --:-- AM

I was having a look through the notes on this topic and trying to narrow down where the issue maybe.

Can you see the Vulnerabilities for the instance under the VM instance details? 

Screenshot 2024-07-16 at 16.37.48.png

Can you see the Vulnerability when looking for Vulnerabilities in your Findings List?

Screenshot 2024-07-16 at 16.42.50.png

0 Likes

Posted on --/--/---- --:-- AM
siva_narla
New Member
In response to andras
Reply posted on --/--/---- --:-- AM

Hi Andras,

I am having the same issues, where we have enabled VM Manger and Web Security Scanner. But, I don't see OS vulnerabilities on both sections you mentioned above.

0 Likes