Vulnerabilities

Required Tenable Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

On the Findings workbench, click the Vulnerabilities tab to view your asset vulnerabilities. Common vulnerabilities include system misconfigurations, unpatched software, poor data encryption, and weak authorization credentials.

The Vulnerabilities tab contains a table with the following columns. To show or hide columns, see Customize Explore Tables.

Column Description
AI/LLM Tools

Indicates an informational finding about artificial intelligence services running on an asset. Hover on the AI/LLM Tools column to view details. These findings cannot be grouped.

Asset ID

The UUID of the asset where a scan detected the finding. This value is unique to Tenable Vulnerability Management.

Asset Name

The name of the asset. This value is unique to Tenable Vulnerability Management.

Asset Tags

Tags applied to the asset.

IPv4 Address

The IPv4 address for the affected asset.

IPv6 Address

The IPv6 address for the affected asset.

Last Fixed

The last time a previously detected vulnerability was scanned and noted as no longer present on an asset.

Severity

The vulnerability's CVSS-based severity. For more information, see CVSS vs. VPR.

Plugin Name

The name of the plugin that identified the vulnerability detected in the finding.

Plugin ID

The ID of the plugin that identified the vulnerability.

Plugin Family

The family of the plugin that identified the vulnerability.

Port

The port that the scanner used to connect to the asset where the scan detected the vulnerability.

Protocol

The protocol the scanner used to communicate with the asset where the scan detected the vulnerability.

Time Taken to Fix

How long it took your organization to fix a vulnerability identified on a scan, in hours or days. Only appears for Fixed vulnerabilities. Use this filter along with the State filter set to Fixed for more accurate results.

VPR

A descriptive icon indicating the VPR of the vulnerability. For more information, see CVSS vs. VPR.

CVSSv2 Base Score

The CVSSv2 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments). Tenable Vulnerability Management shows the CVSSv2 or CVSSv3 column depending on the Vulnerability Severity Metric setting.

State

The state of the vulnerability.

CVSSv3 Base Score

The CVSSv3 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments). Tenable Vulnerability Management shows the CVSSv2 or CVSSv3 column depending on the Vulnerability Severity Metric setting.

Scan Origin

The scanner that detected the finding. Also identifies if the scan is a work-load scan. Possible values for this column are: Tenable Vulnerability Management, Tenable Security Center, and Agentless Assessment.

Region

The cloud region where the asset runs.

Account ID

The unique identifier assigned to the asset resource in the cloud service that hosts the asset.

Live Result

Indicates whether the scan result is based on live results. In Agentless Assessment, you can use live results to view scan results for new plugins based on the most recently collected snapshot data, without running a new scan. The possible values are Yes or No. For more information, see Live Results for Agentless Assessment.

First Seen

The date when a scan first found the vulnerability on an asset.

Last Seen

The date when a scan last found the vulnerability on an asset.

Actions

In this column, click the button to view a drop-down where you can:

  • Export — Export to CSV or JSON, as described in Export from Explore Tables.

  • Generate Report — Generate a report from a template, as described in Reports.

  • Recast — Recast or accept finding severity, as described in Create Recast Rules from Findings.

  • View All Findings — View all findings for an asset, as described in View Asset Details.

  • View All Details — View complete details for a finding, as described in View Finding Details.

  • Create Remediation Project — Start a new remediation project for an asset, as described in Remediation Projects.

  • Launch Remediation Scan — Start a remediation scan to follow up on existing scan results, as described in Launch a Remediation Scan.