Cisco Firepower Management Center 4000 Developer Guide

FireSIGHT System Host Input API Guide
 
Chapter 3: Using the Host Input Import Tool
Host Input Import Syntax
Use this syntax:
SetInvalidVulns, ip_address, port, proto, type, vuln_id

SetValidVulns
You can use the SetValidVulns function to activate vulnerabilities on a host or set of hosts. Once you set a vulnerability as Valid for a host, Defense Center assigns a red impact to the event if the SID in the event is mapped to the valid vulnerability. For the function call to be effective, the vulnerability must exist on the host and be set to invalid.
Use this syntax:
SetValidVulns, ip_address, port, proto, type, vuln_id

Table 3-17 SetInvalidVulns Fields

| Field | Description | Required | Values |
|---|---|---|---|
| ip_address | Indicates the string containing the IP address or addresses for the affected host or hosts. | Yes (unless MAC addresses are provided) | A comma-separated list of IP addresses, CIDR blocks, and ranges of IP addresses. |
| port | With the proto field, identifies the server affected by the vulnerability on the host where the import occurs. | Yes, if the fix applies to a server | Integers in the range of 1-65535. |
| proto | With the port field, identifies the server affected by the vulnerability on the host where the import occurs. | Yes, if the fix applies to a server | Either the strings tcp or udp or the appropriate protocol IDs 6 (tcp) or 17 (udp). |
| vuln_id | Indicates the vulnerability ID for the vulnerability. | Yes | Valid Cisco vulnerability IDs, or mapped third-party vulnerability IDs. For third-party vulnerabilities, note that you must map the third-party vulnerability ID and reference the vulnerability map set in the vuln_type field. For more information, see |
SetValidVulns Fields 
Field
Description
Required
Values
ip_address
Indicates the string containing the 
IP address or addresses for the 
affected host or hosts.
Yes
A comma-separated list of IP addresses, CIDR 
blocks, and ranges of IP addresses.
port
With the 
proto
 field, identifies 
the server affected by the 
vulnerability on the host where 
the import occurs.
Yes, if the fix 
applies to a server
Integers in the range of 1-65535.
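
The following is an added example, not code from the Cisco guide: a pre-flight check that validates SetValidVulns and SetInvalidVulns import lines against the field constraints listed in Tables 3-17 and 3-18 before they are handed to the import tool. It assumes each line has six comma-separated fields (function, ip_address, port, proto, type, vuln_id), that a multi-address ip_address value is quoted so its commas survive CSV parsing, and that a range is written first-last; the type value is treated as opaque, the MAC-address exception is not modelled, and `validate_line` and all sample values are constructed for illustration.

```python
import csv
import ipaddress

FUNCTIONS = {"SetValidVulns", "SetInvalidVulns"}
PROTOS = {"tcp", "udp", "6", "17"}  # Values column for the proto field

def _check_addresses(field):
    """Accept IP addresses, CIDR blocks and ranges (assumed 'first-last' form)."""
    for item in (part.strip() for part in field.split(",")):
        if "-" in item:
            lo, hi = (ipaddress.ip_address(x.strip()) for x in item.split("-", 1))
            if lo.version != hi.version or lo > hi:
                raise ValueError(f"bad range {item!r}")
        elif "/" in item:
            ipaddress.ip_network(item, strict=False)
        else:
            ipaddress.ip_address(item)

def validate_line(line):
    """List problems in one import line; assumes multi-address lists are quoted."""
    row = [f.strip() for f in next(csv.reader([line], skipinitialspace=True))]
    if len(row) != 6:
        return [f"expected 6 fields, got {len(row)}"]
    func, addrs, port, proto, _type, vuln_id = row  # type is not checked here
    problems = []
    if func not in FUNCTIONS:
        problems.append(f"unknown function {func!r}")
    try:
        _check_addresses(addrs)  # the MAC-address exception is not modelled
    except ValueError as exc:
        problems.append(f"ip_address: {exc}")
    if bool(port) != bool(proto):
        problems.append("port and proto identify a server only together")
    if port and not (port.isascii() and port.isdigit() and 1 <= int(port) <= 65535):
        problems.append(f"port {port!r} is not an integer in 1-65535")
    if proto and proto not in PROTOS:
        problems.append(f"proto {proto!r} is not tcp, udp, 6 or 17")
    if not vuln_id:
        problems.append("vuln_id is required")
    return problems

# Constructed sample lines; addresses, type and vuln_id values are placeholders.
SAMPLES = [
    'SetValidVulns, "10.1.1.0/24,10.1.2.5-10.1.2.9", 443, tcp, example_type, 1001',
    "SetInvalidVulns, 192.0.2.7, 70000, icmp, example_type, 1001",
    "SetValidVulns, 192.0.2.7, 80, , example_type, 1001",
]
for sample in SAMPLES:
    print(sample, "->", validate_line(sample) or "ok")
```

Rejecting malformed lines before import matters here because a SetInvalidVulns line applied to the wrong address range lowers the impact rating of events for hosts that are still vulnerable.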