Vulnerabilities Findings

This topic describes the performance of, or functionality for, a new feature in Tenable.io Key Enhancements. For more information, see Tenable.io Key Enhancements.

Required Tenable.io Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

Note: Tenable.io retains findings data for only 15 months.

On the Findings page, you can view your vulnerabilities findings for your organization's resources.

To view your vulnerabilities findings:

  1. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  2. In the left navigation plane, in the Explore section, click Findings.

    The Findings page appears, showing a table that lists your findings. By default, the Vulnerabilities tab is active.

  3. In the Vulnerabilities findings table, you can perform any or all the following actions:

Vulnerabilities Findings

You can view basic information about your vulnerabilities in the following table:

Note: Not all the following columns appear in the table by default. To view columns that do not appear by default, add the columns to the table. For more information, see Interact with a Customizable Table.

Column Description
Asset ID

The asset's UUID.

Asset Name

The name of the asset where the scanner detected the vulnerability. This value is unique to Tenable.io.

IPv4 Address

The IPv4 address for the affected asset.

IPv6 Address The IPv6 address for the affected asset.
Severity

The vulnerability's CVSS-based severity. For more information, see CVSS vs. VPR.

Plugin Name

The name of the plugin that identified the vulnerability detected in the finding.

Plugin ID

The ID of the plugin that identified the vulnerability.

Plugin Family

The family of the plugin that identified the vulnerability.

Port

The port that the scanner used to connect to the asset where the scan detected the vulnerability.

Protocol

The protocol the scanner used to communicate with the asset where the scan detected the vulnerability.

VPR

A descriptive icon indicating the VPR of the vulnerability. For more information, see CVSS vs. VPR.

CVSSv2 Base Score The CVSSv2 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments).
State

The state of the vulnerability.

CVSSv3 Base Score The CVSSv3 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments).
Scan Origin This column helps identify the scanner that detected the finding. It also helps identify whether the scan is a work-load scan. Possible values for this column are: Tenable.io, Tenable.sc, and Agentless Assessment.
Region The cloud region where the asset runs.
Account ID The unique identifier assigned to the asset resource in the cloud service that hosts the asset.
Live Result This column indicates whether the scan result is based on live results. In Agentless Assessment, you can use live results to view scan results for new plugins based on the most recently collected snapshot data, without running a new scan. The possible values are Yes or No. For more information, see Live Results for Agentless Assessment.
First Seen

The date when a scan first found the vulnerability on an asset.

Last Seen

The date when a scan last found the vulnerability on an asset.

This column appears in the table by default.
Actions

Shows a button that allows you to complete certain actions with the finding.

This column appears in the table by default and you cannot remove or configure it.

To view and complete actions with a finding in the findings table:

  1. In the row for the finding for which you want to complete an action, in the Actions column, click the button.

    The action menu appears in the row.

  2. Click the action you want to complete.

    A page, plane, or window appears with steps to complete the action.