I have posted an Idea that has not gotten any attention or comments thus far so I am posting here to see if this may help. Please review the idea located here:
If you have any interest in having BCM also be able to identify and repair items that are considered vulnerable where there is no patch available than please vote this idea up.. If you feel that Compliance should be better at importing CCE/CVE items that actually work then please make that a comment also under the idea. Currently, there is not a fool proof method to provide visibility to this issue... or at least to my understanding.
Here is a link using Windows 10 searching NIST
If Compliance was able to import a NIST provided CVE or CCE and work as expected then this Idea may be mute... The ability to remediate automatically would make adding Vulnerability Manager back in worth the added cost... IMHO anyway... Looking for Feedback!
Maybe better explanation on how this should work and how to apply (Download Source)!