Why are some OVAL definitions not available on the KACE SMA (Systems Management Appliance)?
The OVAL repository is and always has been based on user contributions. Individuals or organizations take the time to write and submit OVAL tests, often based on CVEs. The tests are then added to the repository and available in the feed, which essentially is an up-to-date XML file of all the OVAL tests. The KACE team downloads this feed and packages it up for monthly distribution to our SMAs that are under an active maintenance agreement.
For more information on this topic, please see the KACE-SMA Course 9 - Vulnerability Scanning - Web-based Training
The OVAL repository is and always has been based on user contributions. Individuals or organizations take the time to write and submit OVAL tests, often based on CVEs. The tests are then added to the repository and available in the feed, which essentially is an up-to-date XML file of all the OVAL tests. The KACE team downloads this feed and packages it up for monthly distribution to our SMAs that are under an active maintenance agreement.
A few months back, ownership of the repository changed from MITRE (a federally-funded nonprofit) to the Center for Internet Security (another federally-funded nonprofit). Since the transition, definitions for Microsoft Patch Tuesday are not being updated on the typical schedule. Examining the repository shows that there have only been a handful of submissions over the last few months.
This was discussed on the last OVAL Board call and we are confident that they will eventually get this going again, but until then the value of this capability may be diminished. We will continue our monthly distribution of any updates that are made available.
***UPDATE***: As of 2024, there hasn't been any substantial updates to the OVAL catalog since 2022, and it's set to be deprecated on June 30, 2024. For this reason, this feature has been removed from the SMA starting on version 14.0.
© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center