USM Appliance™

Current Vulnerabilities — Asset Vulnerability Details

Applies to Product: USM Appliance™ AlienVault OSSIM®

The Asset Vulnerability Details section summarizes all current vulnerabilities found in the scan jobs by the number of vulnerabilities, in descending order. The first line refers to all scans and the following lines refers to the scans done on every host.

Asset Vulnerability Details from Overview page.

Fields and descriptions for Asset Vulnerability Details

Field

Description

Host-IP

Shows the hostname and IP of the host. The first line ‘All’ summarizes all hosts.

Date/Time

Shows the exact date and time that the scan occurred.

Profile

Indicates the chosen profile to run the scan.

Serious vulnerability icon

Displays the number of Serious vulnerabilities found in the latest scan.

High vulnerability icon

Displays the number of High vulnerabilities found in the latest scan.

Medium vulnerability icon

Displays the number of Medium vulnerabilities found in the latest scan.

Low vulnerability icon

Displays the number of Low vulnerabilities found in the latest scan.

Info vulnerability icon

Displays the number of Info vulnerabilities found in the latest scan.

HTML output icon

Results of the scan job in HTML within the same browser.

PDF output icon

Exports the results of the scan job to a PDF file. The browser, such as Chrome, may open it in a different tab if it recognizes the file extension.

Excel output icon

Exports the results of the scan job to an Excel file.

Delete icon

Deletes the report.

For details about the threshold of vulnerabilities, see Changing the Vulnerability Ticket Threshold.

To filter the data

  1. In the empty box above the table, enter an IP address of a host/network (default), the name a service, or a free text. Use the following definitions to help you select which one to use:

    • Host/Net: Searches the IP address of a single host or a range of IP addresses in a subnet (for example, 10.80.50.73, 10.80.50.1/24).
    • Service: Searches the security service identified in the vulnerability (for example, ssh, http, or https, as seen in the By Services -Top 10 pie chart).
    • Free text: Searches the details of a vulnerability using free text.
  2. Select the corresponding radio button.
  3. Click Find.

Another way to filter the data is by using the pie chart above the Current Vulnerabilities. In the following example, we can see that the https service has 18 vulnerabilities (between the square brackets):

By Services - Top 10 page from Overview.

To see which hosts have such vulnerabilities

  1. Click the text that reads https.

    The page refreshes with the text https populated in the search box and the option Service selected.

    Only the host(s) with the https vulnerabilities display.

    Hosts with https vulnerabilities from Overview.

  2. To check vulnerabilities in details, you can look at the HTML report or export a PDF or Excel file.