Software Vulnerabilities
The product name for this user guide has changed from Foundation and Cloudscape to Business Service Discovery and Migration Planning. Previous UI pages known as Foundation have changed to Business Service Discovery. Previous UI pages known as CloudScape have changed to Migration Planning.
We update our database daily at 4:30 AM UTC with software vulnerabilities (that is Common Vulnerabilities and Exposures (CVEs)) from the National Vulnerability Database (NVD) maintained by the National Institute of Standards and Technology as well as the Open Vulnerability and Assessment Language (OVAL) repository maintained by the Center for Internet Security. CVE data being used is never more than 24 hours old.
Our SSH collection pulls rpm/dpkg package lists from Linux servers once per day in the environment and compares the package to those listed in the vulnerability data.
We will pull CVEs for the following Linux distributions:
| Distribution | Supported Versions |
|---|---|
| Debian | 10, 11, 12 |
| Oracle Linux | 6, 7, 8, 9 |
| RHEL Server | 6, 7, 8, 9 |
| SLES | 12, 15 |
| Ubuntu LTS | 16.04, 18.04, 20.04, 22.04 |
| AlmaLinux/Rocky Linux | 8, 9 |
| CentOS | 7 |
No EOL distributions are supported.
SLES for SAP Applications is not currently supported, nor are non-LTS versions of Ubuntu.