Custom Fields Created in JIRA

Custom fields are created when the Tenable Plugin for JIRA is installed. Custom fields are either text area, which you can modify, or read only field, which you cannot modify.

Note: There may be conflict if a custom field is created manually or as part of another plugin.

Vulnerability

Field Name Type Definition

Tenable BID

text area The Bugtraq ID for the plugin that identified the vulnerability.

Tenable CVE

text area The Common Vulnerability and Exposure (CVE) ID for the plugin.

Tenable CVSSv3 Base Score

read only field The CVSSv3 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments).

Tenable CVSSv3 Temporal Score

 read only field The CVSSv3 temporal score (characteristics of a vulnerability that change over time but not among user environments).

Tenable CVSSv2 Base Score

 read only field The CVSSv2 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments).

Tenable CVSSv2 Temporal Score

 read only field The CVSSv2 temporal score (characteristics of a vulnerability that change over time but not among user environments).

Tenable Plug-in Family

read only field

 The family of the plugin that identified the vulnerability. For more information about plugin families, see https://www.tenable.com/plugins.

Tenable Plug-in ID

read only field

 The ID of the plugin that identified the vulnerability.

Tenable MS Bulletin

 read only field The Microsoft security bulletin that the plugin covers.

Tenable Vulnerability Title

 read only field The name of the plugin that identified the vulnerability.

Tenable Solution

read only field

 Remediation information for the vulnerability.

Tenable Severity

read only field

 The code for the severity originally assigned to a vulnerability before a user recast the risk associated with the vulnerability.
Tenable Source read only field Determines if the application is connected to Tenable.io or Tenable.sc.
Tenable Short Description read only field A short description of the plugin.

Vulnerable Host

Field Name Type Definition

Tenable Agent UUID

 read only field The UUID of the agent that performed the scan where the vulnerability was found.

Tenable Device Type

 read only field The type of asset where the vulnerability was found.

Tenable FQDN

read only field

 The fully-qualified domain name of the asset where a scan found the vulnerability.

Tenable Hostname

 read only field The host name of the asset where a scan found the vulnerability.

Tenable Asset UUID

 read only field The UUID of the asset where a scan found the vulnerability.

Tenable IPv4

read only field

 The IPv4 address of the asset where a scan found the vulnerability.

Tenable IPv6

read only field

 The IPv6 address of the asset where a scan found the vulnerability.

Tenable MAC Address

 read only field The MAC address of the asset where a scan found the vulnerability.

Tenable NetBIOS Name

 read only field The NETBIOS name of the asset where a scan found the vulnerability.

Tenable Operating System

 read only field The operating system of the asset where a scan found the vulnerability.

Tenable Plugin Output

 text area The text output of the Nessus scanner.

Tenable Port

read only field

 The port the scanner used to communicate with the asset.

Tenable Protocol

read only field

 The protocol the scanner used to communicate with the asset.

Tenable Service

read only field

 The service the scanner used to communicate with the asset.

Tenable Severity

read only field

The severity of the vulnerability as defined using the Common Vulnerability Scoring System (CVSS) base score. Possible values are:

  • info - The vulnerability has a CVSS score of 0.
  • low - The vulnerability has a CVSS score between 0.1 and 3.9.
  • medium - The vulnerability has a CVSS score between 4.0 and 6.9.
  • high - The vulnerability has a CVSS score between 7.0 and 9.9.
  • critical - The vulnerability has a CVSS score of 10.0."

Tenable First Found

 read only field The date on which the vulnerability was first found on the asset.

Tenable Last Fixed

 read only field The date on which the vulnerability was last fixed on the asset. Tenable.io updates the vulnerability state to fixed when a scan no longer detects a previously detected vulnerability on the asset.

Tenable State

read only field

The state of the vulnerability as determined by the Tenable.io state service. Possible values are:

  • open - The vulnerability is currently present on an asset.
  • reopened - The vulnerability was previously marked as fixed on an asset, but has been detected again by a new scan.
  • fixed - The vulnerability was present on an asset, but is no longer detected.
Tenable Source read only field Determines if the application is connected to Tenable.io or Tenable.sc.
Tenable.sc Repository ID read only field The repository identification manager.
Tenable.sc Repository Name read only field A user friendly name for the repository.