Tenable Web App Scanning Findings

Required Additional License: Tenable Web App Scanning

Required Tenable Web App Scanning User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

The Findings page provides insight into your organization's vulnerability findings and the applications on which Tenable Web App Scanning identified them. A finding is a single instance of a vulnerability appearing on an application, identified uniquely by plugin ID, port, and protocol.

The Findings page contains a list view of the web application findings identified, organized by findings type. On the Findings page, you can drill down to view only the vulnerability findings for your web applications.

Note: Tenable retains findings data for only 15 months.

To view your web application vulnerabilities findings:

  1. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  2. In the left navigation plane, click Findings.

    The Findings page appears, showing a table that lists your findings.

  3. In the Findings table, you can perform any, or all, of the following actions by clicking the button:

    • Accept your finding.

    • Export your finding.

    • View all findings of the selected type.

You can view basic information about your web application vulnerability findings in the following table. Some column options that you can display are hidden by default. You must add them to your display by selecting the Columns drop-down button and checking any additional options.

Column Description
Application ID

The UUID of the asset where a scan detected the finding. This value is unique to Tenable Web App Scanning.

Application Name

The name of the application where the scanner detected the vulnerability. This value is unique to Tenable Web App Scanning.

This filter appears on the filter plane by default.

CVSSv2 Base Score

The CVSSv2 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments).

Family

The family of the plugin that identified the vulnerability.

This column appears in the table by default.

First Seen

The date when a scan first found the vulnerability on an application.

ID

The UUID of the application where a scan detected the vulnerability. This value is unique to Tenable Web App Scanning.

IPv4 Address

The IPv4 address for the affected asset. You can add up to 256 IP addresses to this filter.

Last Seen

The date when a scan last found the vulnerability on an asset.

Last Updated

The date when a scan last found the vulnerability on an application.

This column appears in the table by default.

Name

The name of the plugin that identified the vulnerability detected in the finding.

This column appears in the table by default.

Plugin ID

The ID of the plugin that identified the vulnerability.

This column appears in the table by default.

Severity

The vulnerability's CVSS-based severity. For more information, see CVSS vs. VPR.

This column appears in the table by default.

State

The state of the vulnerability.

This column appears in the table by default.

Tags

A unique filter that searches tag (category: value) pairs. When you type a tag value, you must use the category: value syntax, including the space after the colon (:). You can use commas (,) to separate values. If there is a comma in the tag name, insert a backslash (\) before the comma. You can add a maximum of 100 tags.

For more information, see Tags.

Note: If your tag name includes double quotation marks (" "), you must use the UUID instead.

VPR

The Vulnerability Priority Rating Tenable calculated for the vulnerability.