Reset Search



KB43928 - How to configure Common Vulnerability and Exposure (CVE) Check Rules for Windows OS using Host Checker

« Go Back


Last Modified Date11/1/2018 11:01 PM
This article provides the steps to configure a Host Checker policy to configure Common Vulnerability and Exposure (CVE) check rules for Windows OS.
Problem or Goal
To protect against endpoints that may be vulnerable to attacks, Host Checker provides a CVE check rule that can identify vulnerable endpoints using the OPSWAT library.  
Common Vulnerability and Exposure (CVE) check rules for Windows platforms are supported starting with PCS OS 9.0R1.  To configure this Host Checker policy, follow the steps below:

  • CVE check rule is supported with active OPSWAT SDK version V4.
  • OPSWAT version 3 does not support CVE rules. These rules will always be evaluated as failed and may cause the host checker policy to fail. We recommend to either delete CVE rules or use OPSWAT V4 SDK for CVE rules support.
TSB41055 - OPSWAT v3 software EOL Notification

Configuration on the Pulse Connect Secure device:

  • In the admin GUI navigate to Authentication > Endpoint Security > Host Checker
  • Create a new policy, or select an existing policy to modify in the Policies section of the page.
  • Click the Windows tab
       Under Rule Settings, select Predefined: CVE Checks and click Add.
User-added image
  • Enter a Rule Name for the CVE Check rule. 
  • From the Criteria, select
  • Select Require all supported CVE checks or Check for specific CVE checks then select the specific CVE's from the available list.
User-added image
  • Click Save Changes.
    Related Links
    Attachment 1 
    Created BySahil Mahajan



    Was this article helpful?



    Please tell us how we can make this article more useful.

    Characters Remaining: 255