Web Application Vulnerabilities Findings

This topic describes the performance of, or functionality for, a new feature in Tenable.io Key Enhancements. For more information, see Tenable.io Key Enhancements.

Required Tenable.io Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

Note: Tenable.io retains findings data for only 15 months.

On the Findings page, you can drill down to view only the findings for your web application vulnerabilities.

To view your web application vulnerabilities findings:

  1. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  2. In the left navigation plane, in the Explore section, click Findings.

    The Findings page appears, showing a table that lists your findings. By default, the Vulnerabilities tab is active.

  3. In the upper-left side of the page, select the Web Application Findings tab.

    The Findings table shows only your web application vulnerability findings.

  4. In the web application vulnerabilities findings table, you can perform any or all of the following actions:

    • Refine the table data. For more information, see Tenable.io Tables.

    • Filter the findings table.

    • Group your findings by asset name or plugin ID.

    • View findings details for your web application vulnerabilities on the Web Application Vulnerability Findings Details page.

    • Export your web application vulnerability findings.

Web Application Vulnerabilities Findings

You can view basic information about your web application vulnerability findings in the following table.

Column Description
Asset ID

The UUID of the asset where a scan detected the vulnerability. This value is unique to Tenable.io.

Asset Name

The name of the asset where the scanner detected the vulnerability. This value is unique to Tenable.io.

IPv4 Address

The IPv4 address associated with the asset record.

This filter supports multiple asset identifiers as a comma-separated list (for example, hostname_example, example.com, 192.168.0.0). For IP addresses, you can specify individual addresses, CIDR notation (for example, 192.168.0.0/24), or a range (for example, 192.168.0.1-192.168.0.255).

Note: Tenable.io does not support a CIDR mask of /0 for this parameter, because that value would match all IP addresses. If you submit a /0 value for this parameter, Tenable.io returns a 400 Bad Request error message.

Severity

The vulnerability's CVSS-based severity. For more information, see CVSS vs. VPR.

Plugin Name

The name of the plugin that identified the vulnerability.

Plugin ID

The ID of the plugin that identified the vulnerability.

Family

The family of the plugin that identified the vulnerability.

CVSSv2 Base Score

The CVSSv2 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments).

State

The state of the vulnerability.

First Seen

The date when a scan first found the vulnerability on an asset.

Last Seen

The date when a scan last found the vulnerability on an asset.

Actions

Shows an interactive button that allows you to complete certain actions with the finding.

This column appears in the table by default and you cannot remove or configure it.

To view and complete actions with a finding in the findings table:

  1. In the row for the finding for which you want to complete an action, in the Actions column, click the button.

    The action menu appears in the row.

  2. Click the action you want to complete.

    A page, plane, or window appears with steps to complete the action.
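
The IPv4 Address filter syntax described in the table above (comma-separated entries, individual addresses, CIDR notation, ranges, and the rejected /0 mask) can be checked locally before a value is submitted. The following Python is an added example, not Tenable code: the function names are hypothetical, it handles IPv4 only, and it assumes any entry that is not an address, CIDR block, or range is an asset name or hostname.

```python
import ipaddress

def classify_entry(entry):
    """Classify one filter entry; raise ValueError if it is malformed or uses /0."""
    entry = entry.strip()
    if not entry:
        raise ValueError("empty entry in filter list")
    if "/" in entry:
        # CIDR notation. strict=False tolerates host bits (192.168.0.5/24).
        net = ipaddress.IPv4Network(entry, strict=False)
        if net.prefixlen == 0:
            # Documented behaviour: a /0 mask returns 400 Bad Request.
            raise ValueError("CIDR mask /0 is not supported: " + entry)
        return ("cidr", str(net))
    if "-" in entry:
        first, _, last = entry.partition("-")
        try:
            lo = ipaddress.IPv4Address(first.strip())
            hi = ipaddress.IPv4Address(last.strip())
        except ValueError:
            return ("name", entry)  # hyphenated hostname, for example web-01
        if lo > hi:
            raise ValueError("range start is above range end: " + entry)
        return ("range", f"{lo}-{hi}")
    try:
        return ("ip", str(ipaddress.IPv4Address(entry)))
    except ValueError:
        # Assumption: anything that is not an address is an asset name or hostname.
        return ("name", entry)

def parse_asset_filter(value):
    """Split a comma-separated filter value and classify every entry."""
    return [classify_entry(e) for e in value.split(",")]

if __name__ == "__main__":
    # Constructed sample values, taken from the forms the page lists.
    for sample in ("hostname_example, example.com, 192.168.0.0",
                   "192.168.0.0/24, 192.168.0.1-192.168.0.255",
                   "10.0.0.0/8, 0.0.0.0/0"):
        try:
            print(parse_asset_filter(sample))
        except ValueError as err:
            print("rejected:", err)
```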