Cisco Firepower Management Center 4000 Developer Guide

FireSIGHT System Host Input API Guide
 
Chapter 3: Using the Host Input Import Tool
  Host Input Import Syntax
Scan Result Functions
You can use the host input import tool to add scan results to your Defense Center and to flush the added results to the database. When adding a scan result, you can map third-party vulnerabilities in the results to CVE or BugTraq vulnerabilities.
AddScanResult Function
You can use the AddScanResult function to add scan results from a third-party vulnerability scanner and map each vulnerability to a BugTraq or CVE ID. If you import scan results using this function, be sure to edit the source definition for the input source in your network discovery policy to set the identity source type to Scanner.
Use this syntax:
AddScanResult, ipaddr, 'scanner_id', vuln_id, port, protocol, 'name', 'description', cve_ids, bugtraq_ids
Note
How results are added depends on whether you use the ScanUpdate or ScanFlush function. For more 
information, refer to 
 and 
Table 3-18 SetValidVulns Fields (continued)

| Field | Description | Required | Values |
|---|---|---|---|
| proto | With the port field, identifies the server affected by the vulnerability on the host where the import occurs. | Yes, if the fix applies to a server | Either the strings tcp or udp or the appropriate protocol IDs 6 (tcp) or 17 (udp). |
| vuln_id | Indicates the vulnerability ID for the vulnerability. | Yes | Valid Cisco vulnerability IDs, or mapped third-party vulnerability IDs. For third-party vulnerabilities, note that you must map the third-party vulnerability ID and reference the vulnerability map set in the vuln_type field. For more information, see |
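
A pre-import check for lines written in the AddScanResult syntax above, added here as an example (it is not code from the Cisco guide). It assumes that the protocol field accepts the values listed in the proto row of Table 3-18, that port and protocol are supplied together, and that quoted fields contain no embedded quotes; `check_add_scan_result` and the sample lines are constructed for illustration.

```python
import csv
import ipaddress

# Field order copied from the AddScanResult syntax line on this page.
FIELDS = ("ipaddr", "scanner_id", "vuln_id", "port", "protocol",
          "name", "description", "cve_ids", "bugtraq_ids")
# Accepted values from the proto row of Table 3-18; reusing them for the
# AddScanResult protocol field is an assumption.
PROTOCOLS = {"tcp": "tcp", "udp": "udp", "6": "tcp", "17": "udp"}
# Constructed sample lines (documentation addresses, placeholder IDs).
SAMPLE_LINES = [
    "AddScanResult, 192.0.2.10, 'ExampleScanner', 1001, 443, 6, "
    "'TLS issue, legacy', 'Constructed finding', 'CVE-0000-0000', ''",
    "AddScanResult, 192.0.2.11, 'ExampleScanner', 1002, 70000, icmp, 'n', 'd', '', ''",
    "AddScanResult, 192.0.2.12, 'ExampleScanner', 1003, 80, tcp, 'n', 'd'",
]


def check_add_scan_result(line):
    """Return (fields, errors) for one AddScanResult import line."""
    # Assumption: single-quoted fields may hold commas but no embedded quotes.
    row = next(csv.reader([line], quotechar="'", skipinitialspace=True))
    row = [cell.strip() for cell in row]
    if not row or row[0] != "AddScanResult":
        return {}, ["not an AddScanResult line"]
    if len(row) != len(FIELDS) + 1:
        return {}, ["expected %d fields, found %d" % (len(FIELDS), len(row) - 1)]
    rec = dict(zip(FIELDS, row[1:]))
    errors = []
    try:
        ipaddress.ip_address(rec["ipaddr"])
    except ValueError:
        errors.append("ipaddr is not a valid IP address")
    if not rec["vuln_id"]:
        errors.append("vuln_id is empty")
    # Assumption: port and protocol identify a server together, so they
    # must be given together or both left empty.
    if bool(rec["port"]) != bool(rec["protocol"]):
        errors.append("port and protocol must be given together")
    if rec["port"] and not (rec["port"].isdecimal() and 1 <= int(rec["port"]) <= 65535):
        errors.append("port out of range")
    proto = PROTOCOLS.get(rec["protocol"].lower())
    if rec["protocol"] and proto is None:
        errors.append("protocol must be tcp, udp, 6 or 17")
    rec["protocol"] = proto or rec["protocol"]  # normalise 6/17 to tcp/udp
    return rec, errors

if __name__ == "__main__":
    for sample in SAMPLE_LINES:
        print(check_add_scan_result(sample)[1] or "ok")
```

Running the check over an import file before handing it to the import tool surfaces dropped fields and invalid protocol values line by line.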