Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador

You can use the Package Fix functions to apply or remove fixes for hosts in your network map.

For more information, see the following sections:

You can use the 

AddFix

 function to map a fix to a specified host or server. You can map a fix using a fix 

ID from the Cisco vulnerability database (VDB), or using a third-party fix that you map to a fix in the 
VDB using the Defense Center web interface.

When you apply a fix to a host or server, the vulnerability mappings for the system are adjusted and the 
fixed vulnerabilities are marked as Invalid in the web interface and are not used for impact assessment. 
However, note that if the applied fix is not applicable to the OS or server identity the fix has no effect. 

Use the following syntax:

AddFix, ip_address, port, proto, fix_id

ip_address

Indicates the string containing the IP 
address or addresses for the affected 
host or hosts.

Yes (unless 
MAC addresses 
are provided)

A comma-separated list of IP addresses, CIDR 
blocks, and ranges of IP addresses.

mac_address

Indicates the list of MAC addresses 
for the affected host or hosts.

Yes (unless IP 
addresses are 
provided)

A list of MAC address strings, with or without 
separating colons.

proto

Indicates the identification string or 
name of the protocol to be added.

Yes

Valid protocol names consisting of alphanumeric 
characters or spaces. For transport protocols 
(

“xport”

), protocols listed in the 

/etc/protocols

 

file are acceptable. For network protocols (“

net

”), 

see 

.

type

Indicates the type of protocol to be 
added. 

Yes

“xport”

 or 

“net”