AWS Security ChangesHomeSearch

AWS inspector documentation change

Service: inspector · 2026-03-19 · Documentation low

File: inspector/latest/user/cicd-custom.md

Summary

Added detailed SBOM report example showing Microsoft Defender vulnerability (CVE-2022-23278) with remediation guidance and vulnerability metrics

Security assessment

This change documents how Amazon Inspector reports vulnerabilities in SBOM format but does not indicate a specific security fix. The example shows standard vulnerability reporting capabilities rather than addressing a newly discovered security issue.

Diff

diff --git a/inspector/latest/user/cicd-custom.md b/inspector/latest/user/cicd-custom.md
index e01a0728d..a20ee446b 100644
--- a//inspector/latest/user/cicd-custom.md
+++ b//inspector/latest/user/cicd-custom.md
@@ -269,0 +270,139 @@ The Amazon Inspector Scan API can output a vulnerability report in CycloneDX 1.5
+    {
+      "sbom": {
+        "specVersion": "1.5",
+        "metadata": {
+          "tools": {
+            "services": [
+              {
+                "name": "Amazon Inspector Scan SBOM API",
+                "version": "d79c681c+d73b8663+5e50a5ab"
+              }
+            ]
+          },
+          "properties": [
+            {
+              "name": "amazon:inspector:sbom_scanner:critical_vulnerabilities",
+              "value": "0"
+            },
+            {
+              "name": "amazon:inspector:sbom_scanner:high_vulnerabilities",
+              "value": "0"
+            },
+            {
+              "name": "amazon:inspector:sbom_scanner:medium_vulnerabilities",
+              "value": "1"
+            },
+            {
+              "name": "amazon:inspector:sbom_scanner:low_vulnerabilities",
+              "value": "0"
+            },
+            {
+              "name": "amazon:inspector:sbom_scanner:other_vulnerabilities",
+              "value": "0"
+            }
+          ],
+          "timestamp": "2026-03-17T00:00:52.344Z"
+        },
+        "components": [
+          {
+            "bom-ref": "comp-1",
+            "name": "defender",
+            "purl": "pkg:generic/microsoft/[email protected]",
+            "type": "application",
+            "version": "4.18.25110.5",
+            "properties": [
+              {
+                "name": "amazon:inspector:sbom_scanner:source_file_scanner",
+                "value": "windows-apps"
+              },
+              {
+                "name": "amazon:inspector:sbom_scanner:source_package_collector",
+                "value": "windows-app-defender"
+              },
+              {
+                "name": "amazon:inspector:sbom_scanner:path",
+                "value": "vol-0d994b0984fdaa2af:\\ProgramData\\Microsoft\\Windows Defender\\platform\\4.18.25110.5-0"
+              }
+            ]
+          }
+        ],
+        "serialNumber": "urn:uuid:6bed582d-191e-4cb7-9875-950dd0b99700",
+        "bomFormat": "CycloneDX",
+        "vulnerabilities": [
+          {
+            "advisories": [
+              {
+                "url": "https://support.microsoft.com/help/5011487"
+              },
+              {
+                "url": "https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5011487"
+              }
+            ],
+            "bom-ref": "vuln-1",
+            "references": [
+              {
+                "id": "CVE-2022-23278",
+                "source": {
+                  "name": "MICROSOFT",
+                  "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23278"
+                }
+              }
+            ],
+            "ratings": [
+              {
+                "severity": "none",
+                "score": 0.02691,
+                "method": "other",
+                "vector": "model:v2025.03.14,date:2026-03-15T12:55:00Z",
+                "source": {
+                  "name": "EPSS",
+                  "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23278"
+                }
+              },
+              {
+                "severity": "medium",
+                "score": 5.9,
+                "method": "CVSSv31",
+                "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
+                "source": {
+                  "name": "MICROSOFT",
+                  "url": "https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5011487"
+                }
+              }
+            ],
+            "created": "2022-03-08T08:00:00Z",
+            "description": "Security Update for Defender (2022-03). Install KB5011487 to remediate. A reboot is required for this update to take effect.",
+            "affects": [
+              {
+                "ref": "comp-1"
+              }
+            ],
+            "id": "KB5011487",
+            "source": {
+              "name": "MICROSOFT",
+              "url": "https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5011487"
+            },
+            "published": "2022-03-08T08:00:00Z",
+            "analysis": {
+              "state": "in_triage"
+            },
+            "properties": [
+              {
+                "name": "amazon:inspector:sbom_scanner:priority",
+                "value": "standard"
+              },
+              {
+                "name": "amazon:inspector:sbom_scanner:priority_intelligence",
+                "value": "unverified"
+              },
+              {
+                "name": "amazon:inspector:sbom_scanner:fixed_version:comp-1",
+                "value": "10.0.19042.1586"
+              }
+            ]
+          }
+        ]
+      }
+    }
+    
+    
@@ -357,0 +497,51 @@ The Amazon Inspector Scan API can output a vulnerability report in CycloneDX 1.5
+    
+    {
+      "sbom": {
+        "vulnerabilities": [
+          {
+            "severity": "medium",
+            "priority_intelligence": "unverified",
+            "related": [
+              "CVE-2022-23278"
+            ],
+            "references": [
+              "https://support.microsoft.com/help/5011487",
+              "https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5011487"
+            ],
+            "created": "2022-03-08T08:00:00Z",
+            "description": "Security Update for Defender (2022-03). Install KB5011487 to remediate. A reboot is required for this update to take effect.",
+            "affects": [
+              {
+                "path": "vol-0d994b0984fdaa2af:\\ProgramData\\Microsoft\\Windows Defender\\platform\\4.18.25110.5-0",
+                "fixed_version": "10.0.19042.1586",
+                "installed_version": "pkg:generic/microsoft/[email protected]"
+              }
+            ],
+            "id": "KB5011487",
+            "source": "https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5011487",
+            "published": "2022-03-08T08:00:00Z",
+            "priority": "standard",
+            "properties": {
+              "epss": 0.0269099995,
+              "cvss": [
+                {
+                  "severity": "medium",
+                  "cvss_3_base_score": 5.9000000954,
+                  "cvss_3_base_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
+                  "source": "MICROSOFT",
+                  "url": "https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5011487"
+                }
+              ]
+            }
+          }
+        ],
+        "vulnerability_count": {
+          "high": 0,
+          "other": 0,
+          "critical": 0,
+          "low": 0,
+          "medium": 1
+        }
+      }
+    }
+