For each vulnerability in the vulnerabilities columns list, USM Anywhere displays useful information to help you manage that vulnerability.
The following table lists the fields you see on the page.
|Column Field Name||Description|
|Last Seen||Last date on which the vulnerability was seen in the asset. The displayed date depends on your computer's time zone.|
|Vulnerability ID||Displays the associated Common Vulnerabilities and Exposures (CVE The CVE system provides a method, using CVE IDs, to reference publicly known information security vulnerability and exposures in publicly released software packages and environments.) ID, in case of having it.|
|Suppressed||Indicates whether this vulnerability is marked as suppressed. See Viewing Vulnerabilities Details for more information.|
Displays the description of the vulnerability.
|Labels||Label applied to the vulnerability. See Labeling the Vulnerabilities for more information.|
|Source||Source that found the vulnerability.|
|Asset||Asset that is vulnerable.|
Indicates the severity of the vulnerability. Values are High, Medium, Low, and Under Analysis. See About Vulnerability Severity.
|Score||Displays the score in the Common Vulnerability Scoring System (CVSS Open framework for communicating the characteristics and severity of software vulnerabilities that helps to prioritize actions according to their threat.). See Common Vulnerability Scoring System SIG for more information.|
|First Seen||Detection date of the vulnerability in the asset. The displayed date depends on your computer's time zone.|
|Available Patches||Displays the name of the patch and the number of additional available patches (for example, patch name [2 more patches]).|
|IP of the Assets||Displays the IP of the assets, if available.|
From the list of vulnerabilities, you can click any individual vulnerability row to display more information on the selected vulnerability. See Viewing Vulnerabilities Details for more information.
To select a vulnerability, select the checkbox to the left of the vulnerability. You can select all vulnerabilities at the same time by selecting the first checkbox in the column. These buttons display when you select a vulnerability:
- Apply Labels: You can add a label to a vulnerability, which enables you to have classified vulnerabilities. See Labeling the Vulnerabilities for more information.
- New Scan: This button runs a new authenticated asset scan. See Running an Asset Scan from Vulnerabilities for more information.
You can choose the number of items to display by selecting 20, 50, or 100 below the table.
Click the icon to bookmark an item for quick access.
Click Generate Report to open the Configure Report dialog box. See Create a Vulnerabilities Report for more information.
- Add to Current Filter: Use this option to add the asset name as a search filter. See Searching Events for more information.
- Find in Events: Use this option to execute a search of the asset name in the Events page. See Searching Events for more information.
- Look up in OTX: This option searches the IP address of the asset in the OTX page. See Using OTX in USM Anywhere for more information.
- Full Details: See Viewing Assets Details for more information.
- Configure Asset: See Editing Assets for more information.
- Delete Asset: See Deleting the Assets for more information.
- Assign Credentials: See Managing Credentials in USM Anywhere for more information.
- Authenticated Scan: Authenticated scans are performed from inside the machine using a user account with appropriate privileges. This option displays depending on the USM Anywhere Sensor associated with the asset. See Running Authenticated Asset Scans for more information.
- Scan with AlienApp: This option enables you to run an asset scan through an AlienApp. See Running Asset Scans Using an AlienApp for more information.
- Configuration Issues: An identified configuration of deployed software or features of software that is in use, which is known to be insecure. This option opens the Asset
sDetails page. The Configuration Issues tab is selected in the page. See Viewing Assets Details for more information.
- Vulnerabilities: This option opens the Asset
sDetails page. The Vulnerabilities tab is selected in the page. See Viewing Assets Details for more information.
- Alarms: This option opens the Asset
sDetails page. The Alarms tab is selected in the page. See Viewing Assets Details for more information.
- Events: Any traffic or data exchange detected by AT&T Cybersecurity products through a sensor or external devices such as a firewall. This option opens the Asset
sDetails page. The Events tab is selected in the page. See Viewing Assets Details for more information.