View Vulnerabilities by Plugin

The following feature is only available in Tenable FedRAMP Moderate environments.

Required Tenable Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

Required Access Group Permissions: Can View

Note: By default, Tenable Vulnerability Management does not filter for informational level plugin IDs. For more information, see the knowledge base article.

To view vulnerabilities by plugin:

1. In the upper-left corner, click the button.

   The left navigation plane appears.

2. Do one of the following:

   View Tenable Vulnerability Management vulnerabilities:

   1. In the left navigation plane, in the Vulnerability Management section, click Vulnerabilities.

      The Vulnerabilities page appears.

      

      By default, this page displays the By Plugin tab. The tab contains the plugins table. The plugins table lists plugins by decreasing severity.

   2. From this page, you can:

      • View information about each vulnerability in the table:

        • Severity — The vulnerability's CVSS-based severity. For more information, see CVSS vs. VPR.

        • Name — The name of the plugin that identified the vulnerability.

        • Plugin ID — The ID of the plugin that identified the vulnerability.

        • Family — The family of the plugin that identified the vulnerability.

        • Count — The number of vulnerability instances.

        Tip: A vulnerability instance is a single instance of a vulnerability appearing on an asset, identified uniquely by plugin ID, port, and protocol.

        • VPR — The VPR Tenable calculated for the vulnerability.

        • CVSS — The CVSSv2 or CVSSv3 score associated with the vulnerability. For more information, see CVSS vs. VPR.

      • Refine the data in the plugins table. For more information, see Tenable Vulnerability Management Tables.
      • Create, edit, or apply a saved search.

        Note: If you apply a saved search in the By Plugins tab, Tenable Vulnerability Management also applies the saved search to the By Assets tab.

      • View the number of plugin results, next to the Search box.

      • Export data for a specific plugin.

      • View vulnerability details.

   View Tenable Web App Scanning vulnerabilities:

   1. In the left navigation plane, in the Web App Scanning section, click Vulnerabilities.

      The Vulnerabilities page appears.

      

      By default, this page displays the By Plugin tab. The tab contains the plugins table. The plugins table lists plugins by decreasing severity.

   2. From this page, you can:

      • Filter the plugins table by vulnerability attributes.

      • Search the plugins table.

      • View the number of plugin results, next to the Search box.

      • View vulnerability details.