Vulnerabilities
From the Vulnerabilities page, view the cybersecurity flaws associated with Common Vulnerabilities and Exposure (CVE) numbers we found in your networks. To view the IP addresses and ports running vulnerable service, product, and version combinations, select a CVE number from the Vulnerabilities table.
Vulnerabilities table
The Vulnerabilities table includes CVE numbers for each vulnerability in your networks. It also lists details such as the CVSS severity level and how many IP addresses and ports are running the service with the vulnerability.
Use the information to identify vulnerabilities with the greatest potential impacts to your networks. For example, filter the table to only include vulnerabilities that are marked critical and then evaluate which services they're associated with.
For information about table options, see Tables.
Columns and filters
-
To add or remove information in the table, select Columns and choose the columns to view.
-
To view and manage vulnerability instances that meet specific criteria, such as those that are critical, select Filters and then select how to narrow the data.
| Name | Description |
|---|---|
| CVE | Common Vulnerabilities and Exposures (CVE) number for a cybersecurity flaw found for a service, product, and version combination that one or more IP addresses run in your networks. |
| Vulnerability intel tags | Types of threats associated with the vulnerability. For details, see Tags. |
| Threat actors | Names of the threat actors who are known to have exploited the vulnerability. Note that Unattributed indicates the vulnerability was exploited, but threat actor data isn't available. |
| Ransomware groups | Names of the ransomware groups that are known to have exploited the vulnerability. |
| EPSS score % | Exploit Prediction Scoring System (EPSS) score, which estimates the probability on a scale of 0 to 100% that a threat actor will exploit the vulnerability within the next 30 days. |
| CVSS score | Common Vulnerability Scoring System (CVSS) base severity score calculated by National Vulnerability Database (NVD) analysts. |
| CVSS severity | Common Vulnerability Scoring System (CVSS) severity rating for the vulnerability. |
| IP address count | Number of IP addresses running the service, product, and version combination associated with the vulnerability. |
| Port count | Number of ports running the service, product, and version combination associated with the vulnerability. |
| IP address | Filter for finding vulnerabilities associated with an IP address or within an IP address range. |
| Organization | Filter for finding vulnerabilities associated with an organization from your hierarchy. |