Vulnerability Information

On the Vulnerability Profile page, the Vulnerability Information section provides a short summary along the vulnerability's Vulnerability Priority Rating (VPR), Common Vulnerability Scoring System (CVSS), and Exploit Prediction Scoring System (EPSS) scores.

It also contains four tabs, within which you can view an event timeline, VPR and EPSS widgets, plugin details, known affected products, and a full summary.

Events

The Events tab appears by default and contains a timeline for the vulnerability. Use the horizontal scroll bar or click an event marker to go to that event. Click event links to open them in your web browser.

The timeline can contain the following events.

Event

Description

Discovery Date

Indicates the date Tenable first observed the vulnerability.

NVD Published

Indicates the date that the National Vulnerability Database (NVD) disclosed the vulnerability.

First Tenable Coverage

Indicates the first time Tenable provided coverage for the vulnerability.

First Proof of Concept

Indicates the date Tenable first observed a proof of concept for the vulnerability.

First Functional Exploit Indicates the date the first functional exploit for the vulnerability was released.
Consec Plugin Published Appears when a new Container Security Scanner plugin for the vulnerability is released.
LCE Plugin Published Appears when a new Log Correlation Engine plugin for the vulnerability is released.

Nessus Plugin Published

Appears when a new Tenable Nessus plugin for the vulnerability is released.

NNM Plugin Published Appears when a new Tenable Nessus Network Monitor plugin for the vulnerability is released.

WAS Plugin Published

Appears when a new (Undefined variable: WebApplicationScanning.WAS) plugin for the vulnerability is released.

Ransomware

Indicates the first time Tenable observed ransomware events for the vulnerability.

Malware Indicates the first time Tenable observed malware events for the vulnerability.
Emerging Threats

Indicates that Tenable is actively monitoring the vulnerability since it is being publicly discussed, has a viable proof of concept, and/or is widely used.

Exploited in the Wild Indicates that the vulnerability has been used in a cyberattack.

Persistently Exploited

Appears each time Tenable observes that the vulnerability is being persistently exploited.

CISA Known Exploits

Indicates the date that the Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to their Known Exploited Vulnerabilities catalog.

CISA Due-Date Indicates the date by which federal agencies must fix vulnerabilities on the CISA Known Exploited Vulnerabilities (KEV) list.
Cyber Exposure Alert

Appears when Tenable publishes a Cyber Exposure Alert for the vulnerability.

EPSS Increased Appears when the Exploit Prediction Scoring System (EPSS) increases (for example, EPSS Increased to 65%).
EPSS Decreased Appears when the EPSS decreases.
EPSS Assigned Appears when an EPSS score is assigned.
VPR Increased Appears when the Vulnerability Priority Rating (VPR) increases (for example, VPR Increased to 6.1).
VPR Decreased Appears when the VPR decreases.
VPR Assigned Appears when a VPR score is assigned.

Scores

The Scores tab contains ring charts for VPR and EPSS along with trend charts to track how these scores have changed over time.

In addition, you can review the following VPR Key Drivers.

VPR Driver

Description

Age of Vulnerability

Indicates the number of days since the vulnerability was discovered.

CVSSv3 Impact Score

Indicates the NVD-provided CVSSv3 impact score from 0–10. If NVD did not provide a score, Tenable generates one.

Exploit Code Maturity

The highest level of exploit maturity for the vulnerability: Unproven, PoC, Functional, or High. Drawn from Tenable’s research, as well as key external sources.

Product Coverage

Indicates the relative number of unique products affected. Values are Low, Medium, High, or Very High.

Threat Intensity

Indicates the number and frequency of recent threat events. Values are Very Low, Low, Medium, High, or Very High.

Threat Sources

Lists sources where relevant threat events occurred (for example, social media or the dark web). If no events were observed in the past 28 days, No recorded events appears.

Threat Recency

Indicates the number of days since a threat event occurred, from 0–180.

Plugins

The Plugins tab lists plugins that detected findings for the vulnerability.

Column

Description

Plugin ID

Indicates the ID of the Tenable plugin that detected the finding.

Name

Indicates the name of the Tenable plugin that detected the finding.

Family

Indicates the plugin family. For example, with a Tenable Nessus plugin, Backdoors. Or, with a Tenable Web App Scanning plugin, Code Execution. To learn more, see About Plugin Families on the Tenable website.

Severity

Indicates severity for the detected vulnerability as Low, Medium, or High.

Type Indicates the type of plugin: Active, Compliance, Event, Passive, or WAS.

Products

In the Products tab, view affected products by vendor. Next to a vendor, click the drop-down > to view a list of products.

For example, a vulnerability might have the Vendor canonical with the Product linux.

Tip: Tenable curates this data. It represents all known affected products for a vulnerability, not only yours.

Summary

In the Summary tab, read a summary and Copy it to your clipboard.