CVEs
On the Vulnerability Intelligence Overview page, the CVEs tab shows vulnerabilities from Tenable's database. All vulnerabilities appear by default, but you can refine the results with vulnerability categories and the query builder.
The table in the CVEs tab has the following columns, which you can show or hide as described in Interact with a Customizable Table.
Column |
Description |
---|---|
CVE ID |
Indicates the Common Vulnerability and Exposure (CVE) identifier for the vulnerability, as assigned by the CISA-sponsored CVE Program. |
Name | Indicates the informal name of the vulnerability (for example, Log4Shell). Not all vulnerabilities have a common name. |
VPR |
The Tenable-calculated Vulnerability Priority Rating (VPR) score from 0.1 to 10. |
CVSS v2 |
Indicates the CVSS v2 score for the vulnerability. When not available from NVD, Tenable determines this score. To learn more, see CVSS vs. VPR. |
CVSS v3 |
Indicates the CVSS v3 score for the vulnerability. When not available from NVD, Tenable determines this score. To learn more, see CVSS vs. VPR. |
CVSS v4 |
Indicates the CVSS v4 score for the vulnerability. When not available from NVD, Tenable determines this score. To learn more, see CVSS vs. VPR. |
EPSS |
Indicates the likelihood that the vulnerability will be actively exploited, based on the third-party Exploit Prediction Scoring System (EPSS). |
Exploit Maturity |
The highest level of exploit maturity for the vulnerability: Unproven, PoC, Functional, or High. Drawn from Tenable’s research, as well as key external sources. |
First Discovered |
Indicates the date the vulnerability was first identified. |
First Exploited |
Indicates the date of the vulnerability’s first-known exploitation. |
POC |
Indicates the date the vulnerability’s first proof of concept was discovered. |
Plugins |
Lists the IDs for the Tenable plugins that detected the vulnerability. |