Vulnerability Information
On the Vulnerability Profile page, the Vulnerability Information section provides a short summary along the vulnerability's Vulnerability Priority Rating (VPR), Common Vulnerability Scoring System (CVSSv3), and Exploit Prediction Scoring System (EPSS) scores.
It also contains four tabs, within which you can view an event timeline, VPR and EPSS widgets, plugin details, known affected products, and a full summary.
Events
The Events tab appears by default and contains a timeline for the vulnerability. Use the horizontal scroll bar or click an event marker to go to that event. Click event links to open them in your web browser.
The timeline can contain the following events.
|
Event |
Description |
|---|---|
|
Discovery Date |
Indicates the date Tenable first observed the vulnerability. |
| NVD Published |
Indicates the date that the National Vulnerability Database (NVD) disclosed the vulnerability. |
|
First Tenable Coverage |
Indicates the first time Tenable provided coverage for the vulnerability. |
| First Proof of Concept |
Indicates the date Tenable first observed a proof of concept for the vulnerability. |
| First Functional Exploit | Indicates the date the first functional exploit for the vulnerability was released. |
| Consec Plugin Published | Appears when a new Container Security Scanner plugin for the vulnerability is released. |
| LCE Plugin Published | Appears when a new Log Correlation Engine plugin for the vulnerability is released. |
|
Nessus Plugin Published |
Appears when a new Tenable Nessus plugin for the vulnerability is released. |
| NNM Plugin Published | Appears when a new Tenable Nessus Network Monitor plugin for the vulnerability is released. |
|
WAS Plugin Published |
Appears when a new Tenable Web App Scanning plugin for the vulnerability is released. |
|
Ransomware |
Indicates the first time Tenable observed ransomware events for the vulnerability. |
| Malware | Indicates the first time Tenable observed malware events for the vulnerability. |
| Emerging Threats |
Indicates that Tenable is actively monitoring the vulnerability since it is being publicly discussed, has a viable proof of concept, and/or is widely used. |
| Exploited in the Wild | Indicates that the vulnerability has been used in a cyberattack. |
|
Persistently Exploited |
Appears each time Tenable observes that the vulnerability is being persistently exploited. |
|
CISA Known Exploits |
Indicates the date that the Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to their Known Exploited Vulnerabilities catalog. |
| CISA Due-Date | Indicates the date by which federal agencies must fix vulnerabilities on the CISA Known Exploited Vulnerabilities (KEV) list. |
| Cyber Exposure Alert |
Appears when Tenable publishes a Cyber Exposure Alert for the vulnerability. |
| EPSS Increased | Appears when the Exploit Prediction Scoring System (EPSS) increases (for example, EPSS Increased to 65%). |
| EPSS Decreased | Appears when the EPSS decreases. |
| EPSS Assigned | Appears when an EPSS score is assigned. |
| VPR Increased | Appears when the Vulnerability Priority Rating (VPR) increases (for example, VPR Increased to 6.1). |
| VPR Decreased | Appears when the VPR decreases. |
| VPR Assigned | Appears when a VPR score is assigned. |
Scores
The Scores tab contains ring charts for VPR and EPSS along with trend charts to track how these scores have changed over time.
In addition, you can review the following VPR Key Drivers.
|
VPR Driver |
Description |
|---|---|
|
Age of Vulnerability |
Indicates the number of days since the vulnerability was discovered. |
|
CVSSv3 Impact Score |
Indicates the NVD-provided CVSSv3 impact score from 0–10. If NVD did not provide a score, Tenable generates one. |
|
Exploit Code Maturity |
The highest level of exploit maturity for the vulnerability: Unproven, PoC, Functional, or High. Drawn from Tenable’s research, as well as key external sources. |
|
Product Coverage |
Indicates the relative number of unique products affected. Values are Low, Medium, High, or Very High. |
|
Threat Intensity |
Indicates the number and frequency of recent threat events. Values are Very Low, Low, Medium, High, or Very High. |
|
Threat Sources |
Lists sources where relevant threat events occurred (for example, social media or the dark web). If no events were observed in the past 28 days, No recorded events appears. |
|
Threat Recency |
Indicates the number of days since a threat event occurred, from 0–180. |
Plugins
The Plugins tab lists plugins that detected findings for the vulnerability. From the Source drop-down, choose between Tenable Web App Scanning and Tenable Nessus.
|
Column |
Description |
|---|---|
|
Plugin ID |
Indicates the ID of the Tenable plugin that detected the finding. |
|
Name |
Indicates the name of the Tenable plugin that detected the finding. |
|
Family |
Indicates the type of plugin. For example, with a Tenable Nessus plugin, Backdoors. Or, with a Tenable Web App Scanning plugin, Code Execution. To learn more, see About Plugin Families on the Tenable website. |
|
Severity |
Indicates severity for the detected vulnerability as Low, Medium, or High. |
Products
In the Products tab, view affected products by vendor. Next to a vendor, click the drop-down > to view a list of products.
For example, a vulnerability might have the Vendor canonical with the Product linux.
Summary
In the Summary tab, read a summary and Copy it to your clipboard.