Tenable Web App Scanning Findings
Required Additional License: Tenable Web App Scanning
Required Tenable Web App Scanning User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator
The Findings page provides insight into your organization's vulnerability findings and the applications on which Tenable Web App Scanning identified them. A finding is a single instance of a vulnerability appearing on an application, identified uniquely by plugin ID, port, and protocol.
The Findings page contains a list view of the web application findings identified, organized by findings type. You can drill down to view findings for one of the following findings types. On the Findings page, you can drill down to view only the vulnerability findings for your web applications.
Note: Tenable retains findings data for only 15 months.
To view your web application vulnerability findings:
- In the upper-left corner, click the button.
  The left navigation plane appears.
- In the left navigation plane, click Findings.
  The Findings page appears, showing a table that lists your findings.
- In the Findings table, you can perform any, or all, of the following actions by clicking the button:
You can view basic information about your web application vulnerability findings in the following table. Some column options that you can display are hidden by default. You must add them to your display by selecting the Columns drop-down button and checking any additional options.
Column | Description |
---|---|
Application ID | The UUID of the asset where a scan detected the finding. This value is unique to Tenable Web App Scanning. |
Application Name | The name of the application where the scanner detected the vulnerability. This value is unique to Tenable Web App Scanning. This filter appears on the filter plane by default. |
CVSSv2 Base Score | The CVSSv2 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments). |
Family | The family of the plugin that identified the vulnerability. This column appears in the table by default. |
First Seen | The date when a scan first found the vulnerability on an application. |
ID | The UUID of the application where a scan detected the vulnerability. This value is unique to Tenable Web App Scanning. |
IPv4 Address | The IPv4 address for the affected asset. You can add up to 256 IP addresses to this filter. |
Last Seen | The date when a scan last found the vulnerability on an asset. |
Last Updated | The date when a scan last found the vulnerability on an application. This column appears in the table by default. |
Name | The name of the plugin that identified the vulnerability detected in the finding. This column appears in the table by default. |
Plugin ID | The ID of the plugin that identified the vulnerability. This column appears in the table by default. |
Severity | The vulnerability's CVSS-based severity. For more information, see CVSS vs. VPR. This column appears in the table by default. |
State | The state of the vulnerability. This column appears in the table by default. |
Tags | A unique filter that searches tag (category: value) pairs. When you type a tag value, you must use the category: value syntax, including the space after the colon (:). You can use commas (,) to separate values. If there is a comma in the tag name, insert a backslash (\) before the comma. For more information, see Tags. Note: If your tag name includes double quotation marks (" "), you must use the UUID instead. |
VPR | The Vulnerability Priority Rating Tenable calculated for the vulnerability. |
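
The Tags filter syntax described in the table can be modeled in a few lines. The following is an added example, not Tenable code: it builds and parses filter strings under the assumption that each comma-separated item is one full category: value pair and that the backslash escape applies to commas in either part. The function names and sample tags are hypothetical.

```python
import re

# Assumption: each comma-separated item in the filter box is one full
# "category: value" pair, and a backslash escapes a comma in either part.
# This models the syntax as the Tags row describes it.


def escape_tag_part(text):
    """Escape commas so they are not read as value separators."""
    if '"' in text:
        # Per the Tags row: names with double quotation marks need the UUID.
        raise ValueError("tag name contains a double quote; use the tag UUID")
    return text.replace(",", "\\,")


def build_tag_filter(pairs):
    """Join (category, value) pairs into one filter string."""
    return ", ".join(
        f"{escape_tag_part(c)}: {escape_tag_part(v)}" for c, v in pairs
    )


def parse_tag_filter(text):
    """Split a filter string back into (category, value) pairs."""
    pairs = []
    # Split only on commas that are not preceded by a backslash.
    for item in re.split(r"(?<!\\),", text):
        item = item.strip()
        if not item:
            continue
        # The syntax requires "category: value", with a space after the colon.
        category, sep, value = item.partition(": ")
        if not sep or not category or not value:
            raise ValueError(f"expected 'category: value', got {item!r}")
        pairs.append((category.replace("\\,", ","), value.replace("\\,", ",")))
    return pairs


# Constructed sample tags, not taken from any real tenant.
SAMPLE = [("Location", "Austin, TX"), ("Owner", "AppSec")]

if __name__ == "__main__":
    print(build_tag_filter(SAMPLE))
```
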