Vulnerability Information
On the Vulnerability Profile page, the Vulnerability Information section provides a short summary along the vulnerability's Vulnerability Priority Rating (VPR), Common Vulnerability Scoring System (CVSSv3), and Exploit Prediction Scoring System (EPSS) scores.
It also contains four tabs, within which you can view an event timeline, VPR and EPSS widgets, plugin details, known affected products, and a full summary.
Events
The Events tab appears by default and contains a timeline for the vulnerability. Use the horizontal scroll bar or click an event marker to go to that event. Click event links to open them in your web browser.
The timeline can contain the following events.
|
Event |
Description |
|---|---|
|
Discovery Date |
When Tenable first observed the vulnerability. |
| NVD Published |
When the National Vulnerability Database (NVD) disclosed the vulnerability. |
|
First Tenable Coverage |
The first time Tenable provided coverage for the vulnerability. |
| First Proof of Concept |
When Tenable first observed a proof of concept for the vulnerability. |
| First Functional Exploit | When the first functional exploit for the vulnerability was released. |
| Consec Plugin Published | Indicates that a new Container Security Scanner plugin for the vulnerability is available. |
| LCE Plugin Published | Indicates that a new Log Correlation Engine plugin for the vulnerability is available. |
|
Nessus Plugin Published |
Indicates that a new Tenable Nessus plugin for the vulnerability is released. |
| NNM Plugin Published | Indicates that a new Tenable Nessus Network Monitor plugin for the vulnerability is available. |
|
WAS Plugin Published |
Indicates that a new Tenable Web App Scanning plugin for the vulnerability is available. |
|
Ransomware |
When Tenable first observed ransomware events for the vulnerability. |
| Malware | When Tenable first observed malware events for the vulnerability. |
| Emerging Threats |
Indicates that Tenable is actively monitoring the vulnerability since it is being publicly discussed, has a viable proof of concept, and/or is widely used. |
| Exploited in the Wild | Indicates that the vulnerability has been used in a cyberattack. |
|
Persistently Exploited |
Appears when Tenable observes that the vulnerability is being persistently exploited. |
|
CISA Known Exploits |
When the Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to their Known Exploited Vulnerabilities catalog. |
| CISA Due-Date | When federal agencies must fix vulnerabilities on the CISA Known Exploited Vulnerabilities (KEV) list. |
| Cyber Exposure Alert |
Appears when Tenable publishes a Cyber Exposure Alert for the vulnerability. |
| EPSS Increased | Appears when the Exploit Prediction Scoring System (EPSS) increases. |
| EPSS Decreased | Appears when the EPSS decreases. |
| EPSS Assigned | Appears when an EPSS score is assigned. |
| VPR Increased | Appears when the Vulnerability Priority Rating (VPR) increases. |
| VPR Decreased | Appears when the VPR decreases. |
| VPR Assigned | Appears when a VPR score is assigned. |
Scores
The Scores tab contains ring charts for VPR and EPSS along with trend charts to track how these scores have changed over time.
In addition, you can review the following VPR Key Drivers.
|
VPR Driver |
Description |
|---|---|
|
Age of Vulnerability |
The number of days since the vulnerability was discovered. |
|
CVSSv3 Impact Score |
The NVD-provided CVSSv3 impact score from 0–10. If NVD did not provide a score, Tenable generates one. |
|
Exploit Code Maturity |
The highest level of exploit maturity for the vulnerability: Unproven, PoC, Functional, or High. Drawn from Tenable’s research, as well as key external sources. |
|
Product Coverage |
The relative number of unique products affected. Values are Low, Medium, High, or Very High. |
|
Threat Intensity |
The number and frequency of recent threat events. Values are Very Low, Low, Medium, High, or Very High. |
|
Threat Sources |
Sources where relevant threat events occurred (for example, social media or the dark web). If no events were observed in the past 28 days, No recorded events appears. |
|
Threat Recency |
The number of days since a threat event occurred, from 0–180. |
Plugins
The Plugins tab lists plugins that detected findings for the vulnerability. From the Source drop-down, choose between Tenable Web App Scanning and Tenable Nessus.
|
Column |
Description |
|---|---|
|
Plugin ID |
The ID of the Tenable plugin that detected the finding. |
|
Name |
The name of the Tenable plugin that detected the finding. |
|
Family |
The type of plugin. For example, with a Tenable Nessus plugin, Backdoors. Or, with a Tenable Web App Scanning plugin, Code Execution. To learn more, see About Plugin Families on the Tenable website. |
|
Severity |
The severity of the vulnerability as Low, Medium, or High. |
Products
In the Products tab, view affected products by vendor. Next to a vendor, click the drop-down > to view a list of products.
For example, a vulnerability might have the Vendor canonical with the Product linux.
Summary
In the Summary tab, read a summary and Copy it to your clipboard.