Vulnerabilities
OT Security identifies various types of threats that affect the assets in your network. As information about new vulnerabilities is discovered and released into the general public domain, Tenable research staff designs programs to enable Tenable Nessus to detect them.
These programs are named Plugins, and are written in the Tenable Nessus proprietary scripting language, called Tenable Nessus Attack Scripting Language (NASL). Plugins detect CVEs as well as other threats that can affect assets in your network (for example, obsolete operating systems, usage of vulnerable protocols, vulnerable open ports, and so on.)
Plugins contain vulnerability information, a generic set of remediation actions, and the algorithm to test for the presence of the security issue.
For information about updating your Plugin set, see Environment Configuration.
Vulnerabilities
The Vulnerabilities page shows a list of all vulnerabilities detected by the Tenable Plugins that affect your network and assets.
You can customize the display settings by adjusting which columns are displayed and where each column is positioned. For an explanation of the customization features, see Management Console User Interface Elements.
The Vulnerabilities page shows the following details:
| Parameter | Description |
|---|---|
| Name | The name of the vulnerability. The name is a link to show the full vulnerability listing. |
| Severity | This score indicates the severity of the threat detected by this Plugin. Possible values: Info, Low, Medium, High, or Critical. |
| VPR | Vulnerability Priority Rating (VPR) is a dynamic indicator of the severity level, which is constantly updated based on the current exploitability of the vulnerability. Tenable generates this value as the output of Tenable Predictive Prioritization, which assesses the technical impact and threat posed by the vulnerability. VPR values range from 0.1-10.0, with a higher value representing a higher likelihood of exploitation. |
| Plugin ID | The unique identifier of the Plugin. |
| Affected Assets | The number of assets in your network affected by this vulnerability. |
| Plugin family | The family (group) with which this Plugin is associated. |
| Comment | You can add free text comments about this Plugin. |
Plugin Details
To view the plugin details:
In the row of the vulnerability for which you want to view the details, click the vulnerability name.
The Vulnerability details window appears.
The Vulnerability details window shows the following details:
Header bar — Shows basic information about the specified vulnerability. From the Actions menu, select Edit Details to edit vulnerability details. See Edit Vulnerability Details.
Details tab — Shows the full description of the vulnerability and gives links to relevant resources.
Affected Assets tab — Shows a listing of all assets affected by the specified vulnerability. Each listing includes detailed information about the asset, as well as a link to view the Asset Details window for that asset.
Edit Vulnerability Details
To edit vulnerability details:
In the relevant Vulnerability Details page, in the upper-right corner, click the Actions menu.
The Actions menu appears.
Click Edit Details.
The Edit Vulnerability Details panel appears.
In the Comments box, type comments about the vulnerability.
In the Owner box, type the name of the person assigned to address the vulnerability.
Click Save.
