Identify vulnerable items

When CVE-ID records are downloaded from the NIST NVD, they are compared against the software in your company's network as identified by the Software Asset discovery model. When a CVE-ID matches vulnerable software or CIs in your network, a vulnerable item is created, and you use the information in the CVE-ID record to decide whether to escalate the vulnerable item for remediation.

Before you begin

Role required: sn_vul.vulnerability_write

Procedure

  1. Navigate to Vulnerability > Libraries > NVD.
    A list of Common Vulnerability and Exposures (CVE)-IDs that were downloaded from the NVD is shown. Updates from the NVD can be performed on-demand or using a scheduled job.
  2. Click a CVE record to view the following information:
    • a summary for the CVE-ID.
    • a reference to a Common Weakness Enumeration (CWE) entry, if applicable.
    • the vulnerability score of the CVE-ID on the Common Vulnerability Scoring System (CVSS). For more information on the CVSS, see the National Vulnerability Database website.
  3. Click the following related lists to get more information for identifying vulnerabilities.
    Related listDescription
    Vulnerable Items Lists any vulnerable items. These are records are created by the matching of vulnerable entries downloaded from the NIST NVD and vulnerable software or CIs in your network. For more information about a vulnerable item, click the information icon ("i" icon).
    Note: If software in your network is reported as being removed or patched to remediate a vulnerability, any associated vulnerable items are closed and removed from the Vulnerable Items related list.
    Vulnerable Software Lists the vulnerable software returned from the NVD. You can use this information to match the NVD software to your Software Asset Management discovery model. For more information, see View vulnerable software.
    Vulnerability References Lists vulnerability reference information for the selected CVE record.
    If vulnerabilites were identified and vulnerable items were created, you can remediate them, as needed.