Query Details
Open SSL Vulnerable Devices
Query
# List all the vulnerable devices for the OpenSSL critical vulnerability (nov 2022) ---- ### Defender For Endpoint ``` DeviceTvmSoftwareInventory | where SoftwareName contains "openssl" | where SoftwareName contains "3.0" or SoftwareVersion contains "3.0" | project DeviceName, SoftwareName, SoftwareVersion ```
Explanation
This query lists all the devices that are vulnerable to the critical OpenSSL vulnerability that occurred in November 2022. It specifically focuses on devices using Defender for Endpoint. It filters the devices based on the presence of "openssl" in the software name and either "3.0" in the software name or version. The query then projects the device name, software name, and software version for the vulnerable devices.
Details
Bert-Jan Pals
Released: February 14, 2023
Tables
DeviceTvmSoftwareInventory
Keywords
DeviceTvmSoftwareInventory,SoftwareName,SoftwareVersion,DeviceName
Operators
wherecontainsorproject