Vulnerability Filters
The following feature is only available in Tenable FedRAMP Moderate environments.
On the Vulnerabilities page, you can filter vulnerabilities using Tenable-provided filters and filters based on asset tags.
Tenable-provided Filters
Tenable Vulnerability Management provides the following vulnerability filters:
| Filter | Description |
|---|---|
| Asset ID | The UUID of the asset where a scan detected the vulnerability. This value is unique to Tenable Vulnerability Management. |
| Bugtraq ID | The Bugtraq ID for the plugin that identified the vulnerability. |
| CANVAS Exploit Framework | Indicates whether an exploit for the vulnerability exists in the Immunity CANVAS framework. |
| CANVAS Package | The name of the CANVAS exploit pack that includes the vulnerability. |
| CERT Advisory ID | The ID of the CERT advisory related to the vulnerability. |
| CERT Vulnerability ID | The ID of the vulnerability in the CERT Vulnerability Notes Database. |
| Check Name | The description of the compliance check that detected the vulnerability. |
| Compliance Reference | The name of the reference file the scan used for the compliance check. |
| CORE Exploit Framework | Indicates whether an exploit for the vulnerability exists in the CORE Impact framework. |
| CPE |
The Common Platform Enumeration (CPE) numbers for vulnerabilities that the plugin identifies. |
| CVE |
The Common Vulnerability and Exposure (CVE) IDs for the vulnerabilities that the plugin identifies. |
| CVSS Base Score |
The CVSSv2 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments). |
| CVSS Temporal Score | The CVSSv2 temporal score (characteristics of a vulnerability that change over time but not among user environments). |
| CVSS Temporal Vector | CVSSv2 temporal metrics for the vulnerability. |
| CVSS v3.0 Base Score | The CVSSv3 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments). |
| CVSS v3.0 Temporal Score | The CVSSv3 temporal score (characteristics of a vulnerability that change over time but not among user environments). |
| CVSS v3.0 Temporal Vector | CVSSv3 temporal metrics for the vulnerability. |
| CVSS v3.0 Vector | More CVSSv3 metrics for the vulnerability. |
| CVSS Vector |
The raw CVSSv2 metrics for the vulnerability. For more information, see CVSSv2 documentation. |
| CWE | The Common Weakness Enumeration (CWE) for the vulnerability. |
| Check Name | The description of the compliance check that detected the vulnerability. |
| Compliance Reference | The name of the reference file the scan used for the compliance check. |
| Default/Known Accounts | Indicates whether the plugin that identified the vulnerability checks for default accounts. |
| Elliot Exploit Framework | Indicates whether an exploit for the vulnerability exists in the D2 Elliot Web Exploitation framework. |
| Elliot Exploit Name | The name of the exploit for the vulnerability in the D2 Elliot Web Exploitation framework. |
| Exploit Available | Indicates whether a public exploit exists for the vulnerability. |
| Exploit Database ID | The ID of the vulnerability in the Exploit Database. |
| ExploitHub | Indicates whether an exploit for the vulnerability exists in the ExploitHub framework. |
| Exploitability Ease | Description of how easy it is to exploit the vulnerability. |
| Exploited by Malware | Indicates whether the vulnerability is known to be exploited by malware. |
| Exploited by Nessus | Indicates whether Tenable Nessus exploited the vulnerability during the process of identification. |
| ExploitHub | Indicates whether an exploit for the vulnerability exists in the ExploitHub framework. |
| Hostname/IP Address |
The hostname of the asset where a scan found the vulnerability. Note: Ensure the search query does not end in a period. |
| IAVA ID | The ID of the information assurance vulnerability alert (IAVA) for the vulnerability. |
| IAVB ID | The ID of the information assurance vulnerability bulletin (IAVB) for the vulnerability. |
| IAVM Severity | The severity of the vulnerability in Information Assurance Vulnerability Management (IAVM). |
| IAVT ID | The ID of the information assurance vulnerability technical bulletin (IAVT) for the vulnerability. |
| In the News | Indicates whether this plugin has received media attention (for example, ShellShock, Meltdown). |
| Malware | Indicates whether the plugin that identified the vulnerability checks for malware. |
| Metasploit Exploit Framework | Indicates whether an exploit for the vulnerability exists in the Metasploit framework. |
| Metasploit Name | The name of the related exploit in the Metasploit framework. |
| Microsoft Bulletin | The Microsoft security bulletin the plugin that identified the vulnerability covers. |
| OSVDB ID | The ID of the vulnerability in the Open Sourced Vulnerability Database (OSVDB). |
| Patch Publication Date |
The date on which the vendor published a patch for the vulnerability. |
| Plugin Description |
The description of the Tenable plugin that identified the vulnerability. |
| Plugin Family |
The family of the plugin that identified the vulnerability. |
| Plugin ID |
The ID of the plugin that identified the vulnerability. |
| Plugin Modification Date |
The date on which the plugin was last modified. |
| Plugin Name |
The name of the plugin that identified the vulnerability. |
| Plugin Output |
The text output of the Nessus scanner that identified the vulnerability. |
| Plugin Publication Date |
The date on which the plugin that identified the vulnerability was published. |
| Plugin Type |
The general type of plugin check (for example, local or remote). |
| Port | Information about the port the scanner used to connect to the asset where the scan detected the vulnerability. |
| Protocol | The protocol the scanner used to communicate with the asset where the scan detected the vulnerability. |
| Recast & Accept | Indicates whether the vulnerability is affected by a recast or accept rule. |
| Risk Modified | Indicates whether you have accepted or recasted (or both) the severity of a vulnerability. For more information, see Create Recast/Accept Rules in Findings. |
| Secunia ID | The ID of the Secunia research advisory related to the vulnerability. |
| See Also |
Links to external websites that contain helpful information about the vulnerability. |
| Severity |
The vulnerability's CVSS-based severity. For more information, see CVSS vs. VPR. |
| Solution |
A brief summary of how you can remediate the vulnerability. |
| Synopsis | Brief description of the plugin or vulnerability. |
| Tag (Category: Value) |
A unique filter that searches tags (category: value) pairs. For more information, see tags. Note: When filtering by tag, Tenable Vulnerability Management shows up to 25,000 tag results. To view the full results, refine your tag filter, or export the vulnerability data. |
| Target Group | A target group. For more information, see Target Groups. |
| Unsupported By Vendor | Software found by this plugin is unsupported by the software's vendor (for example, Windows 95 or Firefox 3). |
| Vulnerability First Seen |
The date when a scan first found the vulnerability on an asset. |
| Vulnerability Last Seen |
The date when a scan last found the vulnerability on an asset. |
| Vulnerability Priority Rating (VPR) |
The VPR Tenable calculated for the vulnerability. |
| Vulnerability Publication Date |
The date when the vulnerability definition was first published (for example, the date that the CVE was published). |
| Vulnerability State | The state of the vulnerability. For more information, see Vulnerability States. |
Tenable Web App Scanning Vulnerability Filters
| Filter | Description |
|---|---|
| Application Count | The number of applications affected by the vulnerability. |
| Bugtraq Id | The Bugtraq ID for the plugin that identified the vulnerability. |
| CPE |
The Common Platform Enumeration (CPE) numbers for vulnerabilities that the plugin identifies. |
| CVE |
The Common Vulnerability and Exposure (CVE) IDs for the vulnerabilities that the plugin identifies. |
| CVSS Base Score |
The CVSSv2 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments). |
| CVSS v3.0 Base Score | The CVSSv3 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments). |
| CVSS v3.0 Vector | More CVSSv3 metrics for the vulnerability. |
| CVSS Vector |
The raw CVSSv2 metrics for the vulnerability. For more information, see CVSSv2 documentation. |
| CWE |
The Common Weakness Enumeration (CWE) for the vulnerability. |
| First Seen | The date on which the first instance of the vulnerability was detected. |
| Host | The host of the URL where the vulnerability was detected. |
| OWASP Top 10 2010 | The Open Web Application Security Project (OWASP) 2010 category for the vulnerability targeted by the plugin. |
| OWASP Top 10 2013 |
The Open Web Application Security Project (OWASP) 2013 category for the vulnerability targeted by the plugin. |
| OWASP Top 10 2017 | The Open Web Application Security Project (OWASP) 2017 category for the vulnerability targeted by the plugin. |
| Plugin Description |
The description of the Tenable plugin that identified the vulnerability. |
| Plugin Family |
The family of the plugin that identified the vulnerability. |
| Plugin ID |
The ID of the plugin that identified the vulnerability. |
| Plugin Modification Date |
The date on which the plugin was last modified. |
| Plugin Name |
The name of the plugin that identified the vulnerability. |
| Plugin Publication Date |
The date on which the plugin that identified the vulnerability was published. |
| See Also |
Links to external websites that contain helpful information about the vulnerability. |
| Severity |
The CVSS score-based severity. For more information, see CVSS Scores vs. VPR in the Tenable Vulnerability Management User Guide. |
| Solution |
A brief summary of how you can remediate the vulnerability. |
| WASC |
The Web Application Security Consortium (WASC) category associated with the vulnerability targeted by the plugin. |
Tag Filters
In Tenable Vulnerability Management, tags allow you to add descriptive metadata to assets that helps you group assets by business context. For more information, see Tags.
On both the By Plugin and By Asset tabs of the Vulnerabilities page, you can filter vulnerabilities by tags applied to the related assets.
- For the most accurate and complete search results, use full words in your search value.
- Do not use periods in your search value.
- Remember that when filtering assets, the search values are case-sensitive.
- Filter by only one value per filter. For example, to filter by two different IP addresses, add two separate filters for each IP address.
- Where applicable, Tenable recommends using the contains or does not contain instead of the is equal to or is not equal to operators.
In the Category drop-down box for a filter, your organization's tags appear at the bottom of the list, after the Tenable-provided filters.
If you want to export vulnerabilities filtered by tag, use the .csv export format. Tag filters are not supported in other export formats.
Note: If you exceed the current asset query limitation of 5,000, a message appears in your interface. You should refine the query to a smaller set of asset tags.