SQL Query to Return all Known Exploited Vulnerability for An Asset

To Whomever Might Help me :pray:t4:

I need a SQL query (that will be run from InsightConnect) to return a list of vulnerabilities found on a specific asset and known to be actively exploited (based on Rapid7 database or CISA catalog).

Delvain Mbina

This is what I came up with but I am not getting any outputs

SELECT dv.nexpose_id AS “Vulnerability ID”, dv.title AS “Vulnerability Title”,
dv.severity AS “Severity”, dv.cvss_vector AS “CVSS”, dv.riskscore AS “Risk Score”
FROM fact_asset_vulnerability_finding favf
JOIN dim_asset da USING (asset_id)
JOIN dim_asset_host_name dahn ON da.asset_id = dahn.asset_id
JOIN dim_vulnerability dv USING (vulnerability_id)
JOIN dim_vulnerability_category dvc ON dv.vulnerability_id = dvc.vulnerability_id
Where da.host_name LIKE ‘Computer01%’ AND dvc.category_name = ‘cisa kev’
GROUP BY dv.nexpose_id, dv.title, dv.severity, dv.cvss_vector, dv.riskscore
ORDER BY dv.riskscore ASC