📙 You will learn

The information available in Application and Infrastructure Vulnerability Details.

Prerequisites

Audience: IT Professional or End User
Difficulty: Basic
Time needed: Approximately 10 minutes
Tools required: N/A

Application Vulnerability Details

Within an application that contains scans, a vulnerability list separated by severity can be viewed. Expanding a selected vulnerability reveals details including its current status, comments, attached files, and the ability to view more in-depth details.

Clicking on the speech bubble icon, highlighted below, reveals a Comments section beneath the vulnerability displaying any comments that have been added to it. New comments can also be added via the Add Comments button.

Image Removed

Image Added

Similarly, clicking on the page icon, highlighted below, reveals a Files section beneath the vulnerability displaying any files that have been attached to it.

Image Removed

Image Added

Clicking on the View More link redirects to a Vulnerability Details page for the vulnerability. This page details open findings, metadata, comments, files, finding files, and a history of events for the vulnerability. Comments, tags, and files can be edited/deleted from this page as well.

The Vulnerability Details page also provides an action drop-down button menu with several options for users to affect the vulnerability, including the following:

• Close Vulnerability

• Mark as False Positive

• Mark as Contested

• Mark as Verified

• Change Severity

• Manage Tags
  

Infrastructure Vulnerability Details

Within a network’s that contains scanner data, a range of IP address clusters and their vulnerabilities, separated by severity, can be viewed.

Expanding a selected IP range reveals the range’s details including individual addresses, last scanned date, and vulnerability totals.

Selecting a particular address will reveal its individual details including CVEs, CVSS Scores, and dates. These results can also be filtered by severity level by selecting the desired severity level button on the UI’s results row.

Clicking on a desired result will redirect to its Vulnerability Details page, containing a list of associated CVEs and further details including the Scanner Name, Finding Name, Scanner Severity, Severity, a CVSS score (if assigned), IP, and dates.