All scripts
isp
Advanced
4–9 min
T-ISP-039 · OS Version & CVE Exposure Reporter
Map fleet OS versions against a vendor PSIRT/CVE feed to report exposed devices, severity-ranked advisories, fixed-release recommendations, and end-of-support flags.
Cisco IOS-XR
Cisco IOS/XE
Juniper Junos
Nokia SR OS
You're viewing a preview
The full script, parameters, and execution console are available with a free account.
Already have access? Sign in →
Capabilities
- Version → CVE mapping
- CVSS severity ranking
- Fixed-release suggestion
- EoS / EoL flags
- Per-advisory device list
- CSV + JSON output
Required inputs
Parameters the script accepts. Defaults shown; some are vendor- or context-gated.
| Parameter | Type | Default | Notes |
|---|---|---|---|
Minimum CVSS to report min_cvss | string | 7.0 | — |
Flag end-of-support include_eos | bool | true | — |
Sample inventory schema
Authoritative shape of the device/policy data this script consumes.
No bundled inventory sample. The script accepts standard device lists (CSV/YAML) with hostname, mgmt IP, vendor, and credentials.
Expected output
Reference terminal output the script should produce — used as a stylistic and structural target.
terminal
2026-06-15 19:10:00 INFO Matched 18 devices against PSIRT feed 2026-06-15 19:10:01 CRIT cisco-sa-2026-xr (CVSS 9.8): 3 devices exposed 2026-06-15 19:10:01 WARN pe-05 running EoS release 7.3.1 2026-06-15 19:10:01 INFO Report written to cve-exposure.json (5 advisories)