Skip to content
    Search

    On November 3, 2021, the Cybersecurity and Infrastructure Security Agency issued a new directive that will require federal agencies to patch known exploited vulnerabilities within specific time frames. Here's how Axonius customers can find all CVEs outlined in the directive right now.

    Binding Operational Directive 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities 

    Binding Operational Directive 22-01 creates a CISA-mandated catalog of vulnerabilities known to be actively exploited within federal agencies and establishes requirements and timelines for agencies to remediate the specified CVEs. The list of specified CVEs can be found here, and CISA will determine when and how to add new vulnerabilities to the list. 

    There are currently 291 CVE IDs in the catalog, and there is a downloadable CSV linked on the bottom of the page.

    How to Identify Devices with Vulnerabilities Listed in Binding Operational Directive 22-01

    Axonius customers can use the following query to identify those CVEs currently specified in Binding Operational Directive 22-01:

    ("specific_data.data.software_cves.cve_id" == "CVE-2021-27104​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-27102​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-27101​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-27103​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-21017​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-28550​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2018-4939​") or ("specific_data.data.software_cves.cve_id" == "CVE-2018-15961​") or ("specific_data.data.software_cves.cve_id" == "CVE-2018-4878​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-5735​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-2215") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-0041") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-0069") or ("specific_data.data.software_cves.cve_id" == "CVE-2017-9805") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-42013") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-41773") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-0211​") or ("specific_data.data.software_cves.cve_id" == "CVE-2016-4437​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2019-17558​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-17530") or ("specific_data.data.software_cves.cve_id" == "CVE-2017-5638​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2018-11776") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-30858​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-6223") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-30860​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-27930") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-30807​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-27950​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-27932​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-30860") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-9818") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-9819") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-30762​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-1782") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-1870") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-1871​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-1879​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-30661") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-30666​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-30713​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-30657​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-30665​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-30663​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-30761​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-30869​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-9859") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-20090​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-27562​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-28664​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-28663​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-3398​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-26084​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-11580​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-3396​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-42258") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-3452​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-3580") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-1497") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-1498") or ("specific_data.data.software_cves.cve_id" == "CVE-2018-0171​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-3118​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-3566") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-3569") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-3161​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-1653​") or ("specific_data.data.software_cves.cve_id" == "CVE-2018-0296") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2019-13608") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-8193") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-8195") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-8196") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-19781​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-11634") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-29557​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-25506​") or ("specific_data.data.software_cves.cve_id" == "CVE-2018-15811") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2018-18325") or ("specific_data.data.software_cves.cve_id" == "CVE-2017-9822​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-15752​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-8515​") or ("specific_data.data.software_cves.cve_id" == "CVE-2018-7600​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-22205") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2018-6789​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-8657​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-8655​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-5902​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-22986​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-35464​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2019-5591​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-12812​") or ("specific_data.data.software_cves.cve_id" == "CVE-2018-13379​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-16010") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-15999") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-21166​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-16017") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-37976") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-16009​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-30632") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-16013") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-30633​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-21148​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-37973​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-30551​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-37975​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-6418​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-30554​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-21206​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-38000") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-38003") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-21224​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-21193​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-21220​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-30563​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-4430​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-4427​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-4428​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-4716​") or ("specific_data.data.software_cves.cve_id" == "CVE-2016-3715​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2016-3718​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-15505​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-30116") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-7961​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-23874​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-22506​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-22502​") or ("specific_data.data.software_cves.cve_id" == "CVE-2014-1812​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-38647​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2016-0167​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-0878​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-31955​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-1647​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-33739​") or ("specific_data.data.software_cves.cve_id" == "CVE-2016-0185​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-0683​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-17087​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-33742​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-31199") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-33771​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-31956​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-31201") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-31979​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-0938") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-17144") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-0986​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-1020") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-38645") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-34523​") or ("specific_data.data.software_cves.cve_id" == "CVE-2017-7269​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-36948​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-38649") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-0688​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2017-0143​") or ("specific_data.data.software_cves.cve_id" == "CVE-2016-7255​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-0708​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-34473​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-1464​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-1732​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-34527") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-31207​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-0803​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-1040") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-28310​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-1350​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-26411​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-0859​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-40444​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2017-8759") or ("specific_data.data.software_cves.cve_id" == "CVE-2018-8653​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-0797​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-36942​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-1215​") or ("specific_data.data.software_cves.cve_id" == "CVE-2017-11882") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2018-0798") or ("specific_data.data.software_cves.cve_id" == "CVE-2018-0802​") or ("specific_data.data.software_cves.cve_id" == "CVE-2012-0158​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2015-1641​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-27085​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-0541​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2017-11882​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-0674") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-27059​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2019-1367") or ("specific_data.data.software_cves.cve_id" == "CVE-2017-0199​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-1380​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2019-1429") or ("specific_data.data.software_cves.cve_id" == "CVE-2017-11774​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-0968​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-1472​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-26855") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-26858") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-27065​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-1054") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-1675") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-34448​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-0601​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-0604​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-0646​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-0808​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-26857​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-1147​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-1214​") or ("specific_data.data.software_cves.cve_id" == "CVE-2016-3235​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-38647") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-0863​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-36955​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-38648") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-6819​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-6820​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2019-17026​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-15949​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-26919​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2019-19356​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-2555​") or ("specific_data.data.software_cves.cve_id" == "CVE-2012-3152​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-14871​") or ("specific_data.data.software_cves.cve_id" == "CVE-2015-4852​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-14750") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-14882") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-14883") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-8644​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2019-18935​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-22893​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-8243​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-22900​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-22894​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-8260​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-22899​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-11510​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-11539") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-1906​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-1905​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-10221​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-35395​") or ("specific_data.data.software_cves.cve_id" == "CVE-2017-16651​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-11652​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-11651​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-16846​") or ("specific_data.data.software_cves.cve_id" == "CVE-2018-2380​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2016-3976​") or ("specific_data.data.software_cves.cve_id" == "CVE-2010-5326​") or ("specific_data.data.software_cves.cve_id" == "CVE-2016-9563​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-6287​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-6207​") or ("specific_data.data.software_cves.cve_id" == "​CVE-2016-3976") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2019-16256​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-10148​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-35211​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2016-3643​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-10199​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-20021") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2017-7481") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-20022") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-20023") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-20016​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-12271​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-10181​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2017-6327​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-18988​") or ("specific_data.data.software_cves.cve_id" == "CVE-2017-9248​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2021-31755​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-10987​") or ("specific_data.data.software_cves.cve_id" == "CVE-2018-14558​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2018-20062") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-9082") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-18187​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-8467​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-8468​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-24557​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-8599​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-36742") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-36741") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2019-20085​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-5849​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-5847​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2019-16759") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-17496") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-5544") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-3992") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-3950​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-22005​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-3952​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-21972​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-21985​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-4006​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-25213​") or ("specific_data.data.software_cves.cve_id" == "CVE-2020-11738​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2019-9978​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-27561​") or ("specific_data.data.software_cves.cve_id" == "CVE-2021-40539​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-10189​") or ("specific_data.data.software_cves.cve_id" == "CVE-2019-8394​") or
    ("specific_data.data.software_cves.cve_id" == "CVE-2020-29583​")

    By pasting this in the Axonius query wizard, customers will immediately see any device with any of the specified vulnerabilities present. 

    Creating the Query Going Forward

    As CISA will continue to maintain the catalog here, you can create an Axonius query by doing the following:

    1. Download the CSV file
    2. Copy the column with CVE IDs
    3. Create a spreadsheet with the following columns:
      1. ("specific_data.data.software_cves.cve_id" == "
      2. The pasted CVE IDs from step 2
      3. ") or
      4. =CONCATENATE(A1,B1,C1)
    4. Fill the sheet down, and on the last concatenated cell, remove the word "or"
    5. Copy that column and paste it into the Axonius query field

    Note: CISA will be creating this list as JSON soon, but for now, CSV is the only way to download it. We'll update this post when that change has been made along with new instructions. 

    Additionally, this is how customers can do this immediately. We are currently working on a product update to fetch the CVEs from this list automatically. Once this has been added to the product, we'll update this post. 

    Sign up to get first access to our latest resources