Findings Columns
On the Findings page, you can view the findings in your environment broken down into categories including vulnerabilities, cloud misconfigurations, the results of host audits, and web application findings.
The Findings page has the following columns, which you can show or hide as described in Use Tables. Not all columns appear for all findings types.
| Column | Description |
|---|---|
| Account ID |
The unique identifier assigned to the asset resource in the cloud service that hosts the asset. |
| ACR |
(Requires Tenable One or Tenable Lumin license) The Tenable-defined Asset Criticality Rating (ACR) as an integer from 1 to 10. |
| AES |
(Requires Tenable One or Tenable Lumin license) The Tenable-defined Asset Exposure Score as an integer from 0 to 1000. |
| AI/LLM Tools |
Indicates an informational finding about artificial intelligence services running on an asset. Hover on the AI/LLM Tools column to view details. |
| All IPv4 Addresses | All IPv4 addresses for the asset on which the finding was identified. |
| Asset ID |
The UUID of the asset where a scan detected the finding. This value is unique to Tenable Vulnerability Management. |
| Asset Name |
The name of the asset. This value is unique to Tenable Vulnerability Management. |
| Asset Tags |
Tags applied to the asset. |
| CVSSv2 Base Score |
The CVSSv2 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments). Tenable Vulnerability Management shows the CVSSv2 or CVSSv3 column depending on the Vulnerability Severity Metric setting. |
| CVSSv3 Base Score |
The CVSSv3 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments). Tenable Vulnerability Management shows the CVSSv2 or CVSSv3 column depending on the Vulnerability Severity Metric setting. |
| CVSSv4 Base Score |
The CVSSv4 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments). To learn more, see the CVSSv4 specification. |
| Description | If present, a description of the vulnerability corresponding to the finding. |
| Fix Type | The type of fix, for example, version. |
| Fix Version | If present, the version number of the fix for the vulnerability corresponding to the finding. |
| First Seen |
The date when a scan first found the vulnerability on an asset. |
| IPv4 Address |
The IPv4 address for the affected asset. |
| IPv6 Address |
The IPv6 address for the affected asset. |
| Last Fixed |
The last time a previously detected vulnerability was scanned and noted as no longer present on an asset. |
| Last Scan Target | The IP address or fully qualified domain name (FQDN) of the asset targeted in the last scan. |
| Last Seen |
The date when a scan last found the vulnerability on an asset. |
| Live Result |
Indicates whether the scan result is based on live results. In Agentless Assessment, you can use live results to view scan results for new plugins based on the most recently collected snapshot data, without running a new scan. The possible values are Yes or No. |
| Plugin Family |
The family of the plugin that identified the vulnerability. |
| Plugin ID |
The ID of the plugin that identified the vulnerability. |
| Plugin Name |
The name of the plugin that identified the vulnerability. Hover on the |
| Port |
The port that the scanner used to connect to the asset where the scan detected the vulnerability. |
| Product | The name of the product on which the vulnerability was detected. |
| Product Type | The type of product, for example, Application. |
| Protocol |
The protocol the scanner used to communicate with the asset where the scan detected the vulnerability. |
| Region |
The cloud region where the asset runs. |
| Resurfaced Date |
The most recent date that a scan detected a Resurfaced vulnerability which was previously Fixed. If a vulnerability is Resurfaced multiple times, only the most recent date appears. |
| Scan Origin |
The scanner that detected the finding. Also identifies if the scan is a work-load scan. Possible values for this column are: Tenable Vulnerability Management, Tenable Security Center, and Agentless Assessment. |
| Severity |
The vulnerability's CVSS-based severity. For more information, see CVSS vs. VPR. |
| State |
The state of the vulnerability. For more information, see Vulnerability States. |
| Time Taken to Fix in Days |
How long it took your organization to fix a vulnerability identified on a scan, in hours or days. Only appears for Fixed vulnerabilities. Use this filter along with the State filter set to Fixed for more accurate results. When exported, this field is shown in milliseconds. |
| Vendor | The vendor who makes the product on which the vulnerability was identified, for example, Apache. |
| Version | The version of the product on which the vulnerability was identified. |
| VPR |
A descriptive icon indicating the VPR of the vulnerability. For more information, see CVSS vs. VPR. |
icon to view a detailed summary that includes metrics and plugin output.