Viewing vulnerability details

Use the Vulnerability details page to identify which nodes are affected by the vulnerability, and using the analysis and remediation details determine which task to run on the nodes to help fix the specific vulnerability.

Metrics

Displayed on each vulnerability details page are metrics relating to the vulnerability:
  • Risk score - the risk score value assigned to the vulnerability by your vulnerability scanner.

  • Nodes affected - the number of nodes the vulnerability was detected on.

  • Infrastructure affected - the percentage of your entire infrastructure the vulnerability affects.

CVE details

If provided by your vulnerability scanner, the following CVE details are displayed for each vulnerability.

CVE detail Description
CVE ID The CVE ID is an unique identifier for a security vulnerability and is the number sequence of a CVE entry. For example, CVE-2019-0601 includes the CVE prefix, the year that the CVE ID was assigned or made public, and the sequence of numbers.

CVSS base score

CVSS V3 base score

Depending on how easy it is to exploit the vulnerability and how damaging it can be, each vulnerability is assigned a base score in the Common Vulnerability Scoring System (CVSS) which ranges from zero to ten.

CVSS temporal score

CVSS V3 temporal score

The temporal score is calculated using metrics on how likely the vulnerability will be exploited, on how easy the vulnerability is to fix, and on how confidently it can be said that a vulnerability exists.

Analysis

The analysis provided by your vulnerability scanner is a description of the vulnerability threat, and the possible consequences that can occur if the vulnerability is successfully exploited.

Remediation

The remediation details provided by your vulnerability scanner is a brief summary of how you can fix the vulnerability. For information on how to fix a vulnerability, see Remediating Vulnerabilities.