Yum-Cha (Yum Install IAVA / IAVM)

Background Many of you are probably aware that DISA earlier this year FINALLY released a mapping of IAVM-to-CVE data. However, the problem still remains that administrators who are notified they need to become compliant with a specific IAVA have to manually find all the applicable CVE’s referenced to the specific IAVA. In some cases this is pretty easy with the IAVM-to-CVE tools mentioned above, but sometimes there are a lot of CVE’s referenced. […]