USM Central™

Vulnerabilities Page List View

USM Central's Vulnerabilities page provides an overview of vulnerabilities detected within connected deployment of USM Anywhere. The vulnerabilities main page lists vulnerabilities in reverse chronological order (the most recent item displays first). Here you can review all vulnerability activity, view only a select number of deployment vulnerabilities, or filter the vulnerabilities by specific details.

Go to Vulnerabilities to open the page.

The Vulnerabilities page displays information on vulnerabilities. These are the different parts of the page:

  • On the left side of the page are the search and filters options. Use filters to delimit your search.
  • At the top of the page, you can see any filters you have applied, and you have the option to create and select different views of the .
  • The main part of the page is the list of , where each row describes an individual . Click an to open a summary view. See for more information.

If you want to analyze the data, you can maximize the screen and hide the filter pane. Click the icon to hide the filter pane. Click the icon to expand the filter pane.

The following table displays the list of the default columns found in the List view.

Default Columns Found in the List View
Column / Field Name Description
Last Seen Last date on which the vulnerability was seen in the asset An IP-addressable host, including but not limited to network devices, virtual servers, and physical servers.. The displayed date depends on your computer's time zone.
Vulnerability ID The associated Common Vulnerabilities and Exposures (CVE The CVE system provides a method, using CVE IDs, to reference publicly known information security vulnerability and exposures in publicly released software packages and environments.) identification (ID) when there is a CVE ID to display.
Vulnerability Name The name of the vulnerability.
Deployment Name of the deployment on which the vulnerability has been detected.
Labels Label applied to the vulnerability. See Labeling the Vulnerabilities for more information.
Asset The asset that is vulnerable.
Severity The severity of the vulnerability. Values are High, Medium, and Low.
Score The score in the Common Vulnerability Scoring System (CVSS Open framework for communicating the characteristics and severity of software vulnerabilities that helps to prioritize actions according to their threat.). See Common Vulnerability Scoring System SIG for more information.
First Seen Detection date of the vulnerability in the asset. The displayed date depends on your computer's time zone.

From the list of vulnerabilities, you can click any individual vulnerability row to display more information on the selected vulnerability. See View Vulnerabilities Details for more information.

Click the icon next to the asset name to access these options:

  • Add to current filter: Use this option to add the asset name as a search filter.
  • Look up in OTX: This option searches the IP address of the asset in the AT&T Cybersecurity Alien Labs Open Threat Exchange® (OTX™) page. See Using OTX in USM Anywhere for more information.
  • Full Details: See Viewing Assets Details for more information.

You can choose the number of items to display by selecting 20, 50, or 100 below the table. You can classify some columns by clicking the icons to the right side of the heading. You can sort the item information in ascending or descending order.

Click Generate Report to open the Configure Report dialog box. See Create Vulnerabilities Report for more information.

Click the icon to bookmark an item for quick access. Clicking the icon on the secondary menu shows the bookmarked items and provides links to them.

Views

You can configure the view you want for the list of items in the page.

To create a view configuration

  1. From the List view, select the filters you want to apply.
  2. Select Save View > Save as.

    The Save Current View dialog box opens.

    Save Current View Dialog Box

  3. Enter a name for the view.
  4. Click Save.
  5. The created view is already selected.

To select a configured view

  1. From the List view, click View above the filters.
  2. Click Saved views and select the view you want to see.

    Alarms Main Page, saved views

  3. Click Apply.

To delete a configured view

  1. From the Vulnerabilities list view, click View above the filters.
  2. Click Saved views and click the icon next to the saved view you want to delete.
  3. A dialog box opens to confirm the deletion.

    Note: You can delete the views you have created.

  4. Click Accept.
  5. Important: The icon does not display if the view is selected.