Question 1

Where does ConnectMyAssets get its CVE data from?

Accepted Answer

CVE data is sourced from the NIST National Vulnerability Database (NVD) and the CISA Known Exploited Vulnerabilities catalog. Both feeds are updated continuously so newly published CVEs are evaluated against your inventory without any manual action required.

Question 2

How are CVEs matched to specific devices?

Accepted Answer

ConnectMyAssets matches CVEs against the exact firmware version and model collected from each device in your CMDB. If a CVE affects FortiOS 7.2.1 specifically, only devices running that exact version are flagged, not all Fortinet devices. This eliminates false positives from generic vendor advisories.

Question 3

Can I set alert thresholds based on CVSS score?

Accepted Answer

Yes. You can configure alerts to trigger when a new CVE above a specified CVSS threshold is matched to one or more of your devices. Typical configurations alert on CVSS 7.0 or above, with separate escalation for critical scores of 9.0 or above. Alerts can be sent by email or forwarded to your existing ticketing or SIEM system.

Question 4

How many devices and CVEs can ConnectMyAssets track simultaneously?

Accepted Answer

There is no fixed upper limit per appliance. The platform is sized during deployment based on your inventory. Customers routinely track several hundred to several thousand devices and thousands of CVEs concurrently. Appliance sizing recommendations are provided based on your device count and polling frequency.

Question 5

Can I export the list of affected devices for a specific CVE?

Accepted Answer

Yes. For any CVE in the dashboard, you can export a list of all affected devices including their names, IP addresses, firmware versions, locations, and CVSS scores. The export is available in CSV format and is ready to feed directly into your vulnerability management or patching workflow.

Question 6

Does CVE tracking work without internet access on the appliance?

Accepted Answer

The appliance itself runs fully on-premises and never sends your network data to the internet. For CVE feed updates, the appliance needs outbound access to NVD and CISA endpoints. If your security policy prohibits direct internet access, feed updates can be proxied through your existing outbound proxy. Air-gapped deployment options with manual feed import are also available.

CVE Tracking per Asset

Vulnerability Tracking That Actually Tells You Something

Firmware-Matched

CVSS Scoring

All Device Types

Prioritization

Feed Updates

Export

How It Works

Inventory First

Match CVEs

Prioritize & Act

Why firmware-matched matters

Frequently Asked Questions

Know Your Exposure Before Your Vendor Does