Hello, I am new to Rapid7 and don’t do many SQL queries.
I am looking for a report that shows exploitable Vulnerabilities that are older than 60 days
Any help would be appreciated.
Hello, I am new to Rapid7 and don’t do many SQL queries.
I am looking for a report that shows exploitable Vulnerabilities that are older than 60 days
Any help would be appreciated.
Found this in Copilot but it of course is not working,
SELECT
da.ip_address,
da.host_name,
dv.title AS vulnerability_title,
dv.riskscore,
dv.date_published,
dv.exploits,
fs.proof_as_text
FROM
dim_asset da
JOIN
fact_asset_vulnerability_finding favf ON da.asset_id = favf.asset_id
JOIN
dim_vulnerability dv ON favf.vulnerability_id = dv.vulnerability_id
JOIN
dim_vulnerability_reference dvr ON dv.vulnerability_id = dvr.vulnerability_id
LEFT JOIN
fact_vulnerability_solution fs ON favf.vulnerability_id = fs.vulnerability_id
WHERE
dv.date_published < (CURRENT_DATE - INTERVAL ‘60 days’)
AND dv.exploits IS NOT NULL
ORDER BY
dv.date_published DESC;
Use the “Exploitable Vulnerability Findings Discovery Date by CVSS Score (Grouped by V3 Category)” widget in your dashboard and select the age of the vulnerabilities to filter. There are many other prebuilt cards you can add related to this need.
Exploitable Vulnerability Findings.pdf (13.7 KB)