Monitor Vulnerabilities

The Vulnerabilities page displays the list of all the scanned vulnerabilities. An application registered with is scanned, and continuously monitored for vulnerabilities. When vulnerabilities are detected, a user with the Configure permission can prioritize vulnerabilities. By default, this page displays an overview of the selected application. See Monitor Application Security Using . Use the Search filter to search based on the Vulnerability, Package Language, CWE,Severity, Application, Tiers, Libraries, and Status values.

In this example, Vulnerabilities includes Last 1 Week, which displays data for the last seven days.

The Vulnerabilities page includes these details:

ChartDescription

Vulnerabilities By Severity

This chart represents the total number of vulnerabilities. The number of vulnerabilities based on the following severity:

  • Critical
  • High
  • Medium
  • Low

Hover on the required severity to view the number of open vulnerabilities with that severity. If you require all the charts in the pane to display based on a specific severity, click the severity on the pie chart. To return back to the complete chart, click the same severity again.

Severity Trend This chart displays the number of open tickets versus the number of fixed tickets from the last 7 days. This shows the trend of fixing open vulnerabilities.
Days Since First Detected This chart displays the number of days the vulnerability is open versus the severity of the vulnerability (critical, high, medium, or low).
Title

The name of the vulnerability.

ID The Common Vulnerabilities and Exposure (CVE) identifier. You can click the name to view the details specific to that CVE.
Cisco Security Risk Score The Cisco Security Risk Score provides an estimate of exploitation based on real-time events. These are the three statuses:
  • Green 0-33
  • Amber 34-66
  • Red 67-100
Reached The application uses the vulnerable method as part of its code flow. A yellow icon is displayed in this column to indicate that a vulnerability method is matched.
CVSS Score This score is based on the Common Vulnerability Scoring System (CVSS) with five severities:
  • None 0-0
  • Low 0.1-3.9
  • Medium 4.0-6.9
  • High 7.0-8.9
  • Critical 9.0-10.0
Application Name of the affected application.
Tier (Nodes)

The services or the tiers affected because of the corresponding vulnerability. The number in parenthesis indicates the number of nodes. Click the flow map icon to view the Splunk AppDynamics flow map for that tier.

Note that a node count of zero (0) means that a vulnerability isn't present in any of your active nodes. Splunk AppDynamics does not change the state of a fixed vulnerability to a confirmed vulnerability because that is a user-defined state.

Library The library that exists in the corresponding application and tier. You can click the value in this field to view the list of all the vulnerabilities that impacts this library.
Last Detected The time elapsed after the vulnerability was last detected.
Status

The status of the corresponding vulnerability. The status value can be:

  • Detected: At least one vulnerability is detected in the library.
  • Confirmed: The library is reviewed.
  • Fixed: The library is fixed.
  • Ignored: This is not a library.
  • Not Vulnerable: No vulnerabilities are found in the library.

The status Ignored can be updated by the developer with Configure permission for . If you have Configure permissions, you can select the vulnerabilities using the checkbox, and then set the status by using the Set Status option. Without Configure permission, the Set Status option is unavailable.