Exposure Response Filters
In Exposure Response, use the query builder to view specific findings or affected assets or choose which vulnerabilities appear in a combination.
Tip: For the fastest results, Tenable recommends using the Last Seen filter in all queries to return findings from the last 30 days.
The following table defines the findings filters to use in queries within your Initiative Activity pane.
|
Filter |
Description |
|---|---|
|
Asset ID |
The UUID of the asset where a scan detected the finding. This value is unique to Container Security. |
|
CISA KEV |
Filter by the presence of the vulnerability in the CISA Known Exploited Vulnerabilities (KEV) Catalog. This helps prioritize risks based on real-world exploitation evidence. |
|
CPE |
The Common Platform Enumeration (CPE) identifiers for the vulnerabilities that the plugin detects. You can enter up to 200 values. |
|
CVEs |
The Common Vulnerability and Exposure (CVE) IDs for the vulnerabilities that the plugin detects. You can enter up to 200 values. |
|
CVSSv2 Base Score |
A numeric value between 0.0 and 10.0 that represents the intrinsic characteristics of a vulnerability independent of any specific environment. |
|
CVSSv2 Temporal Score |
The CVSSv2 Temporal Score reflects the current real-world severity of a vulnerability, adjusting the Base Score based on factors that change over time. |
|
CVSSv2 Temporal Vector |
The CVSSv2 temporal metrics used to calculate the temporal score for the vulnerability. |
|
CVSSv2 Vector |
The raw CVSSv2 metrics for the vulnerability. For more information, see the CVSSv2 documentation on the FIRST website. |
|
CVSSv3 Base Score |
A numeric value between 0.0 and 10.0 that represents the intrinsic characteristics of a vulnerability independent of any specific environment. |
|
CVSSv3 Temporal Score |
The CVSSv3 temporal score, which is based on characteristics of a vulnerability that change over time but not among user environments. |
|
CVSSv3 Temporal Vector |
The CVSSv3 temporal metrics used to calculate the temporal score for the vulnerability. |
|
CVSSv3 Vector |
The raw CVSSv3 metrics for the vulnerability. |
|
EPSS Percentile |
The Exploit Prediction Scoring System (EPSS) percentile, which indicates how many other vulnerabilities have an EPSS score lower than the current vulnerability. |
|
EPSS Score |
The percentage likelihood (0-100) that a vulnerability will be exploited, based on the Exploit Prediction Scoring System (EPSS). You can type a number with up to three decimal places, for example, 75.599. |
|
Exploit Available |
Filter based on whether exploit code is publicly available for the vulnerability. |
|
Exploit Available Calculated |
Filter based on the calculated availability of exploit code for the vulnerability, which is determined by Tenable's research. |
|
Exploit Code Maturity |
The maturity level of the publicly available exploit code for the vulnerability. |
|
Exploitability Ease |
A description of how easy it is to exploit the vulnerability. |
|
IAVM |
Filter by the vulnerability's presence on the Information Assurance Vulnerability Management (IAVM) list. |
|
Patch Publication Date |
The date on which the vendor published a patch for the vulnerability. |
|
Plugin Family |
The family of the plugin that detected the vulnerability. You can enter up to 200 values. |
|
Plugin ID |
Filter on the ID of the plugin that detected the vulnerability. You can enter up to 200 values. |
|
Plugin Modification Date |
The date on which the plugin that detected the vulnerability was last updated. |
|
Plugin Name |
The name of the plugin that detected the vulnerability. |
|
Plugin Publication Date |
The date on which the plugin that detected the vulnerability was published. |
|
Predicted Impact Score |
The score representing the potential impact if the vulnerability is exploited. |
|
Product Coverage |
Filter based on the Tenable product that detected the vulnerability. |
|
Scan Sources |
Filter based on the Tenable sensor or product that generated the vulnerability finding. |
|
Severity |
The vulnerability's CVSS-based severity (for example, Critical, High, Medium, Low). For more information, see CVSS vs. VPR. |
|
Threat Intensity Last 28 Days |
A measure of the current threat activity related to the vulnerability over the last 28 days. |
|
Threat Recency |
Filter based on how recently a threat actor has targeted the vulnerability. |
|
Threat Sources Last 28 |
The type of threat sources (for example, malware, exploit kits) seen exploiting the vulnerability in the last 28 days. |
|
Vendor Severity |
The severity level assigned to the vulnerability by the affected software vendor. |
|
VPR |
The Vulnerability Priority Rating that Tenable calculated for the vulnerability. |
|
VPR Age of Vulnerability |
The number of days that have passed since the date that the vulnerability was first published. |
|
VPR CVSSv3 Impact Score |
The CVSSv3 Impact Score used in the calculation of the Vulnerability Priority Rating (VPR). |
|
Vulnerability ID |
The unique identifier assigned to the vulnerability by Tenable. |
|
Vulnerability Publication Date |
The date when the vulnerability definition was first published (for example, the date the CVE was published). |