Vulnerabilities Findings
This topic describes the performance of, or functionality for, a new feature in Tenable.io Key Enhancements. For more information, see Tenable.io Key Enhancements.
Required Tenable.io Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator
Note: Tenable.io retains findings data for only 15 months.
On the Findings page, you can view your vulnerabilities findings for your organization's resources.
To view your vulnerabilities findings:
-
In the upper-left corner, click the
button. The left navigation plane appears.
-
In the left navigation plane, in the Explore section, click Findings.
The Findings page appears, showing a table that lists your findings. By default, the Vulnerabilities tab is active.
-
In the Vulnerabilities findings table, you can perform any or all the following actions:
-
Refine the table data.
-
Filter the findings table.
-
Group your findings by asset name or plugin ID.
-
View findings details for your host vulnerabilities on the Vulnerability Findings Details page.
-
Export your host vulnerability findings.
-
Vulnerabilities Findings
You can view basic information about your vulnerabilities in the following table:
Note: Not all the following columns appear in the table by default. To view columns that do not appear by default, add the columns to the table. For more information, see Interact with a Customizable Table.
| Column | Description |
|---|---|
| Asset ID |
The asset's UUID. |
| Asset Name |
The name of the asset where the scanner detected the vulnerability. This value is unique to Tenable.io. |
| IPv4 Address |
The IPv4 address for the affected asset. |
| IPv6 Address | The IPv6 address for the affected asset. |
| Severity |
The vulnerability's CVSS-based severity. For more information, see CVSS vs. VPR. |
| Plugin Name |
The name of the plugin that identified the vulnerability detected in the finding. |
| Plugin ID |
The ID of the plugin that identified the vulnerability. |
| Plugin Family |
The family of the plugin that identified the vulnerability. |
| Port |
The port that the scanner used to connect to the asset where the scan detected the vulnerability. |
| Protocol |
The protocol the scanner used to communicate with the asset where the scan detected the vulnerability. |
| VPR |
A descriptive icon indicating the VPR of the vulnerability. For more information, see CVSS vs. VPR. |
| CVSSv2 Base Score | The CVSSv2 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments). |
| State |
The state of the vulnerability. |
| CVSSv3 Base Score | The CVSSv3 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments). |
| Scan Origin | This column helps identify the scanner that detected the finding. It also helps identify whether the scan is a work-load scan. Possible values for this column are: Tenable.io, Tenable.sc, and Agentless Assessment. |
| Region | The cloud region where the asset runs. |
| Account ID | The unique identifier assigned to the asset resource in the cloud service that hosts the asset. |
| Live Result | This column indicates whether the scan result is based on live results. In Agentless Assessment, you can use live results to view scan results for new plugins based on the most recently collected snapshot data, without running a new scan. The possible values are Yes or No. For more information, see Live Results for Agentless Assessment. |
| First Seen |
The date when a scan first found the vulnerability on an asset. |
| Last Seen |
The date when a scan last found the vulnerability on an asset. This column appears in the table by default. |
| Actions |
Shows a button that allows you to complete certain actions with the finding. This column appears in the table by default and you cannot remove or configure it. To view and complete actions with a finding in the findings table:
|
button.