View Vulnerability Details

When you click on a specific vulnerability row, you can view detailed information about a vulnerability.

Field NameDescription

Cisco Security Risk Score

The Cisco Security Risk Score provides an estimate of exploitation based on real-time events. These are the three statuses:
  • Green 0-33
  • Amber 34-66
  • Red 67-100
CVSS Score This score is based on the Common Vulnerability Scoring System (CVSS) with five severities:
  • None 0-0
  • Low 0.1-3.9
  • Medium 4.0-6.9
  • High 7.0-8.9
  • Critical 9.0-10.0
Title

The name of the vulnerability.

ID The Common Vulnerabilities and Exposure (CVE) identifier. You can click the name to view the details specific to that CVE.
CWE The Common Weakness Enumeration ID for the corresponding vulnerability.
Publish Date The date in which the details were published.
First / Last Seen The timeframe when the vulnerability was first detected and when the vulnerability was last detected.
Type

The vulnerability type.

Remediation

The recommended remediation action. In the case of a vulnerable library, the version(s) to upgrade the library for remediation. Click on show all <count of versions> to view all the recommended remediation versions.

Overview The overview of the vulnerability.
Application Name of the affected application.
Tier (Nodes)

The services or the tiers affected because of the corresponding vulnerability. The number in parenthesis indicates the number of nodes. Click the flow map icon to view the Splunk AppDynamics flow map for that tier.

Note that a node count of zero (0) means that a vulnerability isn't present in any of your active nodes.

Library The library that exists in the corresponding application and tier. You can click the value in this field to view the list of all the vulnerabilities that impacts this library.
Reached The application uses the vulnerable method as part of its code flow. A yellow icon is displayed in this column to indicate that a vulnerability method is matched.
Last Detected The time elapsed since the vulnerability is detected.
Status

The status of the selected vulnerability. The status value can be:

  • Detected: At least one vulnerability is detected in the library.
  • Confirmed: The library is reviewed.
  • Fixed: The library is fixed.
  • Ignored: This is not a library.
  • Not Vulnerable: No vulnerabilities are found in the library.

If you have Configure permissions, you can select the rows using the checkbox, and then set the status by using the Set Status option. Without Configure permission, the Set Status option is unavailable. The Detected and Fixed status are automatically detected based on the libraries used in the application.

You can click the Export button to download the table data. It downloads all of the rows, columns, and related data in a .csv file. A separate .json file includes the following: link to the website where the table is exported from, global filters (if any) applied to the pages, and search filters applied to the columns. These two files are compressed into a .zip file for downloading. The maximum number of rows that can be exported is 10,000. If table data exceeds 10,000 rows you may apply filters to narrow your search, or export the first 10,000 results.