SQL Query Example: Patch Tuesday

Document created by synapsr on Feb 6, 2015
Version 1Show Document
  • View in full screen mode

Some of our customer would like to report on vulnerabilities from the latest Microsoft Patch Tuesday.


Note:  Vulnerability titles need to be updated


SELECT ds.name AS site, da.ip_address, da.host_name, dv.title AS vulnerability_title, dos.description AS operating_system, dos.cpe

FROM fact_asset_vulnerability_finding favf

JOIN dim_asset da USING (asset_id)

JOIN dim_operating_system dos USING (operating_system_id)

JOIN dim_vulnerability dv USING (vulnerability_id)

JOIN dim_site_asset dsa USING (asset_id)

JOIN dim_site ds USING (site_id)

WHERE (dv.title LIKE '%MS13-088%') OR (dv.title LIKE '%MS13-089%') OR (dv.title LIKE '%MS13-090%') OR (dv.title LIKE '%MS13-091%') OR (dv.title LIKE '%MS13-092%') OR (dv.title LIKE '%MS13-093%') OR (dv.title LIKE '%MS13-094%') OR (dv.title LIKE '%MS13-095%')

ORDER BY da.ip_address ASC, dv.title ASC

2 people found this helpful