Vulnerability States

Tenable assigns a vulnerability state to all vulnerabilities detected on your network. You can track and filter by vulnerability state to see the detection, resolution, and reappearance of vulnerabilities over time.

Note: If you filter vulnerabilities using the Active state, Tenable.io also returns vulnerabilities in the New state. For filtering purposes, New is a sub-category of Active.

Vulnerability State

Visibility

Description

New

Visible in dashboards

The vulnerability has been detected just one time.

Active

Visible in dashboards

The vulnerability has been detected more than one time.

Fixed

Hidden in dashboards, but visible with filters

The vulnerability was present on a host, but is no longer present.

Resurfaced

Visible in dashboards

The vulnerability was previously marked as fixed on a host, but was detected again.

When a vulnerability is Resurfaced, it remains in this state until:

  • A later scan identifies the vulnerability as remediated, at which point the vulnerability returns to a Fixed state.