Vulnerability data can be imported from the NVD, CWE, or third-parties and used to
decide whether to escalate a vulnerable item. You can update NVD records on-demand or configure a
scheduled job to update them or CWE regularly. If needed, you can create third-party vulnerability
entries manually. Vulnerability Response
stores them under Libraries.
The Vulnerable items in your system are grouped, but can be managed individually. Each
vulnerability is represented by a vulnerability entry in the library, from the NVD, or a
The following libraries are available:
||List of vulnerabilities found by NVD and includes security checklists,
security-related software flaws, misconfigurations, product names, and impact
List of community-developed software weakness types.
Each CWE record also includes an associated knowledge article that describes the
weakness. You cannot escalate a vulnerability from the Common Weakness Enumerations screen,
it is for reference only.
||List of third-party vulnerable software in your instance. Contains a related list of
||List of all vulnerable software in your instance.