View vulnerable software

When you perform an on-demand or scheduled update from the NIST NVD, the library of vulnerable software records is downloaded and available for viewing. You can view the entire library on the Vulnerable Software screen or view vulnerable software associated with specific vulnerable entries on the National Vulnerability Database Entry screen. Vulnerable software records can be useful for remediating current and future vulnerabilites.

Before you begin

Role required: sn_vul.vulnerability_write

Procedure

  1. To view the vulnerable software library, navigate to Vulnerability > Libraries > Vulnerable Software.
    A list of vulnerable software downloaded from the NVD is shown.
    Vulnerable software downloaded from the NVD
  2. Click a software record to view vulnerability information.
  3. Click the following related lists to get more information for identifying vulnerabilities and deciding whether escalation is needed.
    Related listDescription
    Vulnerable Items When CVE-IDs downloaded from the NVD match this vulnerable software record, vulnerable items are created and listed here. You can use this information to decide whether to escalate the vulnerable item for remediation. To get more information about a vulnerable item, click the information icon ("i" icon).
    Note: If vulnerable software is removed, any associated vulnerable items are closed and removed from the Vulnerable Items related list.
    Vulnerability Entries Lists vulnerability entries downloaded from the NVD that are associated with this vulnerable software record. Click a record to view its details.
    Note: You can also view vulnerable software for a specific CVE-ID by navigating to Vulnerability > Libraries > NVD, selecting a CVE-ID, and clicking the Vulnerable Software related list.