Web Application Findings Details

Required Tenable Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

When you View Finding Details, the Finding Details page varies by finding type. For web application findings, it includes a description, the recommended solution, and details about the affected asset.

The Finding Details page for web application findings contains the following sections.

Note: Tenable Vulnerability Management hides empty sections, so these may not appear in some cases.

Section	Description
Description	A description of the Tenable plugin that identified the vulnerability detected in the finding.
Solution	A brief summary of how you can remediate the vulnerability detected in the finding. This section appears only if an official solution is available.
AI Inventory	If a finding is AI-related, this section lists the AI/LLM-related tools found by Tenable's plugins.
See Also	Links to external websites that contain helpful information about the vulnerability detected in the finding.
Asset Information	Information about the affected asset, including: Asset ID — The UUID of the asset where a scan detected the vulnerability. This value is unique to Tenable Vulnerability Management. Name — The name of the affected asset. You can click the link in the name to view details about the affected asset on the Web Application Details page. IPV4 Address — The IPv4 address for your asset. Public — Indicates whether or not the asset is public.
Asset Scan Information	Information about the scan that detected the vulnerability, including: First Seen — The date and time when a scan first identified the asset. Last Seen — The date that the asset was last observed by any successful scan, including vulnerability scans, configuration scans, and discovery scans. This value can also be the date that Tenable Vulnerability Management imported the asset. Last Licensed Scan — The date and time of the last scan in which the asset was considered "licensed" and counted towards Tenable's license limit. A licensed scan uses non-discovery plugins and can identify vulnerabilities. Unauthenticated scans that run non-discovery plugins update the Last Licensed Scan field, but not the Last Authenticated Scan field. For more information on how licenses work, see Tenable Vulnerability Management Licenses. Last Authenticated Scan — The date and time of the last authenticated scan run against the asset. An authenticated scan that only uses discovery plugins updates the Last Authenticated Scan field, but not the Last Licensed Scan field. Source — The source of the scan that detected the vulnerability on the affected asset.
Identification	Information about how the plugin identified the vulnerability detected in the finding, including: URL — The target URL where the scanner detected the vulnerability. Proof — Output from the scanner's attempt to verify the vulnerability that proves the vulnerability is exploitable on the affected asset. Input Type — The component of the asset where an attacker could inject malicious code (for example, a form or session cookie). This section appears only if the asset is vulnerable to injection attacks. Input Name — The name of the asset component where an attacker could inject malicious code. This section appears only if the asset is vulnerable to injection attacks. Output — More detailed information from the plugin about the vulnerability detected during the scan.
Http Info	Information about the HTTP messages between the scanner and the web application, including: HTTP Request — The HTTP request of the scanner that identified the vulnerability made to the web application. HTTP Response — The HTTP response that the web application sent to the scanner that identified the vulnerability.
Attachments	Plugin attachments that include more details about the vulnerability detected in the finding. This section appears only if attachments are available.
Vulnerability Priority Rating (VPR)	The Vulnerability Priority Rating Tenable calculated for the vulnerability.
Finding State	The state of the vulnerability detected in the finding. For more information, see Vulnerability States.
Vulnerability Information	Information about the vulnerability that the plugin identified, including: Severity — An icon that indicates the severity of the vulnerability. Exploitability — Characteristics of the vulnerability that factor into its potential exploitability. Exploited With — The most common ways that the vulnerability may be exploited.
Discovery	Information about when Tenable Vulnerability Management first discovered the vulnerability detected in the finding, including: First Seen — The date when a scan first found the vulnerability on an asset. Last Seen — Filter on the date that the asset was last observed by any successful scan, including vulnerability scans, configuration scans, and discovery scans. This value can also be the date that the asset was imported into Tenable Vulnerability Management. Age — The number of days since a scan first found the vulnerability on an asset in your network.
Plugin Details	Information about the plugin that detected the vulnerability detected in the finding, including: Publication Date — The date on which the plugin that identified the vulnerability was published. Modification Date — The date on which the plugin was last modified. Family — The family of the plugin that identified the vulnerability. Risk Factor —The CVSS-based risk factor associated with the plugin. Plugin ID — Filter on the ID of the plugin that identified the vulnerability.
Risk Information	Information about the relative risk that the vulnerability presents to the affected asset, including: Risk Factor — The CVSS-based risk factor associated with the plugin. CVSSV3 Base Score — The CVSSv3 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments). CVSSV3 Vector — More CVSSv3 metrics for the vulnerability. CVSSV2 Base Score — The CVSSv2 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments). CVSS2 Vector — More CVSSv2 metrics for the vulnerability.
Reference Information	Industry resources that provide additional information about the vulnerability that Tenable Vulnerability Management detected in the finding, including but not limited to: OWASP — A link or links to each Open Web Application Security Project (OWASP) Top 10 list on which the vulnerability appears. OWASP API — A link or links to each OWASP API Top 10 list on which the vulnerability appears. WASC — A link to the Web Application Security Consortium (WASC) description for the vulnerability's threat classification. CWE — A link to the Common Weakness Enumeration (CWE) description for the vulnerability’s CWE score.
Actions	In the upper-right corner, click the Actions button to view a drop-down where you can: Export — Export to CSV or JSON, as described in Export from Explore Tables. Generate Report — Generate a report from a template, as described in Reports. Recast — Recast or accept finding severity, as described in Create Recast Rules from Findings. Recast — Recast or accept finding severity, as described in Create Recast Rules from Findings. View All Findings — View all findings for an asset, as described in View Asset Details. View All Details — View complete details for a finding, as described in View Finding Details. View All Details in New Tab — View complete details for an asset in a new browser tab.