Vulnerability can be linked to host or directly to L4 interface. This is used to identify vulnerabilities directly exposed to network.
CVEs in model are linked to vulnerabilities so we can search vulnerabilities by CVE and vice versa.
Patches are here to resolve vulnerabilities. So they are refering to vulnerabilities.
fcpc add vulnerability/qvuln4 name="Vulnerability4" severity=4
fcpc add vulnerability/qvuln5 name="Vulnerability5" severity=5
fcpc add vulnerability/qvuln6 name="Vulnerability6" severity=4
fcpc add cve/cve1 name="CVE1"
fcpc add cve/cve2 name="CVE2"
fcpc add cve/cve3 name="CVE3"
fcpc add patch/patch1 name="Patch1"
fcpc link vulnerability/qvuln4 ~is-in host/elastic
fcpc link vulnerability/qvuln5 ~is-in host/kibana
fcpc link patch/patch1 ~remediates vulnerability/qvuln4
fcpc link patch/patch1 ~remediates vulnerability/qvuln5
fcpc link vulnerability/qvuln4 "~refers" cve/cve1
fcpc link vulnerability/qvuln5 "~refers" cve/cve2
fcpc link vulnerability/qvuln6 "~refers" cve/cve2
fcpc link vulnerability/qvuln6 "~is-on" l4interface/kibana_5600
fcpc --search.show.output=dot search vulnerability "~is-in" host , patch "~remediates" vulnerability , vulnerability "~refers" cve , vulnerability "~is-on" interface+ , l4interface/kibana_5600 "~is-on" host
Next - Showing impacts of objects
Previous - Adding applications and groups
Start - See all steps