Search and Filter Results

You can search or use filters to view specific scan results. You can filter hosts and vulnerabilities, and you can create detailed and customized scan result views by using multiple filters.

Plugin Attributes

The following table lists plugins attributes you can use to filter results.

Tip: Many Tenable Nessus plugin attributes relate to severity and vulnerability scores. To learn more about severity and vulnerability scores, see Severity and CVSS Scores vs. VPR.

Option Description

Bugtraq ID

Filter results based on if a Bugtraq ID is equal to, is not equal to, contains, or does not contain a given string (for example, 51300).

CANVAS Exploit Framework

Filter results based on if the presence of an exploit in the CANVAS exploit framework is equal to or is not equal to true or false.

CANVAS Package

Filter results based on which CANVAS exploit framework package an exploit exists for. Options include CANVAS, D2ExploitPack, or White_Phosphorus.

CERT Advisory ID

Filter results based on if a CERT Advisory ID (now called Technical Cyber Security Alert) is equal to, is not equal to, contains, or does not contain a given string (for example, TA12-010A).

CORE Exploit Framework

Filter results based on if the presence of an exploit in the CORE exploit framework is equal to or is not equal to true or false.

CPE

Filter results based on if the Common Platform Enumeration (CPE) is equal to, is not equal to, contains, or does not contain a given string (for example, Solaris).

CVE

Filter results based on if a Common Vulnerabilities and Exposures (CVE) v2.0 reference is equal to, is not equal to, contains, or does not contain a given string (for example, 2011-0123).

CVSS Base Score

Filter results based on if a Common Vulnerability Scoring System (CVSS) v2.0 base score is less than, is more than, is equal to, is not equal to, contains, or does not contain a string (for example, 5).

You can use this filter to select by risk level. The severity ratings are derived from the associated CVSS score, where 0 is Info, less than 4 is Low, less than 7 is Medium, less than 10 is High, and a CVSS score of 10 is Critical.

CVSS Temporal Score

Filter results based on if a CVSS v2.0 temporal score is less than, is more than, is equal to, is not equal to, contains, or does not contain a string (for example, 3.3).

CVSS Temporal Vector

Filter results based on if a CVSS v2.0 temporal vector is equal to, is not equal to, contains, or does not contain a given string (for example, E:F).

CVSS Vector

Filter results based on if a CVSS v2.0 vector is equal to, is not equal to, contains, or does not contain a given string (for example, AV:N).

CVSS 3.0 Base Score

Filter results based on if a Common Vulnerability Scoring System (CVSS) v3.0 base score is less than, is more than, is equal to, is not equal to, contains, or does not contain a string (for example, 5).

You can use this filter to select by risk level. The severity ratings are derived from the associated CVSS score, where 0 is Info, less than 4 is Low, less than 7 is Medium, less than 10 is High, and a CVSS score of 10 is Critical.

CVSS 3.0 Temporal Score

Filter results based on if a CVSS v3.0 temporal score is less than, is more than, is equal to, is not equal to, contains, or does not contain a string (for example, 3.3).

CVSS 3.0 Temporal Vector

Filter results based on if a CVSS v3.0 temporal vector is equal to, is not equal to, contains, or does not contain a given string (for example, E:F).

CVSS 3.0 Vector

Filter results based on if a CVSS v3.0 vector is equal to, is not equal to, contains, or does not contain a given string (for example, AV:N).

CWE

Filter results based on Common Weakness Enumeration (CWE) if a CVSS vector is equal to, is not equal to, contains, or does not contain a CWE reference number (for example, 200).

Exploit Available

Filter results based on the vulnerability having a known public exploit.

Exploit Database ID

Filter results based on if an Exploit Database ID (EBD-ID) reference is equal to, is not equal to, contains, or does not contain a given string (for example, 18380).

Exploitability Ease

Filter results based on if the exploitability ease is equal to or is not equal to the following values: Exploits are available, No exploit is required, or No known exploits are available.

Exploited by Malware

Filter results based on if the presence of a vulnerability is exploitable by malware is equal to or is not equal to true or false.

Exploited by Nessus Filter results based on whether a plugin performs an actual exploit, usually an ACT_ATTACK plugin.

Hostname

Filter results if the host is equal to, is not equal to, contains, or does not contain a given string (for example, 192.168 or lab). For agents, you can search by the agent target name. For other targets, you can search by the target's IP address or DNS name, depending on how you configured the scan.

IAVA

Filter results based on if an IAVA reference is equal to, is not equal to, contains, or does not contain a given string (for example, 2012-A-0008).

IAVB

Filter results based on if an IAVB reference is equal to, is not equal to, contains, or does not contain a given string (for example, 2012-A-0008).

IAVM Severity

Filter results based on the IAVM severity level (for example, IV).

In The News Filter results based on whether the vulnerability covered by a plugin has had coverage in the news.
Malware Filter results based on whether the plugin detects malware; usually ACT_GATHER_INFO plugins.

Metasploit Exploit Framework

Filter results based on if the presence of a vulnerability in the Metasploit Exploit Framework is equal to or is not equal to true or false.

Metasploit Name

Filter results based on if a Metasploit name is equal to, is not equal to, contains, or does not contain a given string (for example, xslt_password_reset).

Microsoft Bulletin Filter results based on Microsoft security bulletins like MS17-09, which have the format MSXX-XXX, where X is a number.
Microsoft KB Filter results based on Microsoft knowledge base articles and security advisories.

OSVDB ID

Filter results based on if an Open Source Vulnerability Database (OSVDB) ID is equal to, is not equal to, contains, or does not contain a given string (for example, 78300).

Patch Publication Date

Filter results based on if a vulnerability patch publication date is less than, is more than, is equal to, is not equal to, contains, or does not contain a string (for example, 12/01/2011).

Plugin Description

Filter results if the Plugin Description contains, or does not contain a given string (for example, remote).

Plugin Family

Filter results if the Plugin Name is equal to or is not equal to one of the designated Nessus plugin families. Tenable Nessus provides the possible matches via a drop-down menu.

Plugin ID

Filter results if the plugin ID is equal to, is not equal to, contains, or does not contain a given string (for example, 42111).

Plugin Modification Date

Filter results based on if a Nessus plugin modification date is less than, is more than, is equal to, is not equal to, contains, or does not contain a string (for example, 02/14/2010).

Plugin Name

Filter results if Plugin Name is equal to, is not equal to, contains, or does not contain a given string (for example, windows).

Plugin Output

Filter results if Plugin Description is equal to, is not equal to, contains, or does not contain a given string (for example, PHP)

Plugin Publication Date

Filter results based on if a Nessus plugin publication date is less than, is more than, is equal to, is not equal to, contains, or does not contain a string (for example, 06/03/2011).

Plugin Type

Filter results if Plugin Type is equal to or is not equal to one of the two types of plugins: local or remote.

Port

Filter results based on if a port is equal to, is not equal to, contains, or does not contain a given string (for example, 80).

Protocol

Filter results if a protocol is equal to or is not equal to a given string (for example, HTTP).

Risk Factor

Filter results based on the risk factor of the vulnerability (for example, Low, Medium, High, Critical).

Secunia ID

Filter results based on if a Secunia ID is equal to, is not equal to, contains, or does not contain a given string (for example, 47650).

See Also

Filter results based on if a Nessus plugin see also reference is equal to, is not equal to, contains, or does not contain a given string (for example, seclists.org).

Solution

Filter results if the plugin solution contains or does not contain a given string (for example, upgrade).

Synopsis

Filter results if the plugin solution contains or does not contain a given string (for example, PHP).

Vulnerability Publication Date

Filter results based on if a vulnerability publication date earlier than, later than, on, not on, contains, or does not contain a string (for example, 01/01/2012).

Note: Pressing the button next to the date brings up a calendar interface for easier date selection.