Documentation Center
AlienVault® USM Anywhere™

Viewing Vulnerabilities Scan Results

  Role Availability   Read-Only   Analyst   Manager

Viewing Vulnerabilities

A vulnerabilityA known issue or weakness in a system, procedure, internal control, software package, or hardware that could be used to compromise security. is a weakness in your system, which reduces your system's information assurance. USM Anywhere helps you to define, identify, classify, and prioritize the vulnerabilities in your system.

USM Anywhere provides a centralized view of your vulnerabilities. Navigate to ENVIRONMENT > VULNERABILITIES.

The vulnerabilities page displays information on vulnerabilities. On the left you can find the search and filters options. Across the top, you can see any filters you have applied, and you have the option to create and select different views of the vulnerabilities. The main part of the page is the actual list of vulnerabilities. Each row describes an individual vulnerability.

If you want to analyze the data, you can maximize the screen and hide the filter panel. Click the Expanded Filter Panel icon () to hide the filter panel. Click the Collapsed Filter Panel icon () to expand the filter panel.

List of the default columns in Vulnerabilities
Column Field Name Description
Last Seen Last date on which the vulnerability was seen in the asset. The displayed date depends on your computer's time zone
Vulnerability ID Displays the associated CVEThe CVE system provides a method, using CVE IDs, to reference publicly known information security vulnerability and exposures in publicly released software packages and environments. ID, if it exists
Vulnerability Name

Displays the name of the vulnerability

Labels Label(s) applied to the vulnerability
Asset This is the asset that is vulnerable
Severity

Indicates the severity of the vulnerability. Values are High, Medium, Low, and Under Analysis. See About Vulnerability Severity

Score Common Vulnerability Scoring System (CVSSOpen framework for communicating the characteristics and severity of software vulnerabilities that helps to prioritize actions according to their threat.), see Common Vulnerability Scoring System SIG
First Seen Date of the detection of the vulnerability in the asset. The displayed date depends on your computer's time zone

Click the blue chevron icon () located next to the asset name to access to the following options

You can also sort items by selecting 20, 50, or 100 below the result table. Some columns can be classified if you click the icons to the right side of the heading. You will sort the item information in ascending and/or descending order.

Click Generate Report to export vulnerabilities. See Exporting Vulnerabilities for further details.

Click the star symbol to the left of an item to mark it as a bookmark for quick access. Clicking the Star icon () on the secondary menu shows the bookmarked items and a link to them.

Views

To create a view configuration

  1. From the Vulnerabilities list view, select the filters you want to apply .
  2. Click the pull-down menu Save View > Save as.
  3. Type a name for the view and click Save.

To select a configured view

  1. From the Vulnerabilities list view, click the View pull-down menu above the filters.
  2. Click Saved views and select the view you want to see.
  3. Click Apply.

Vulnerabilities from Assets Main Page

To explore vulnerabilities from assets

  1. Navigate to Environment > Assets.
  2. Click the filter Has Vulnerabilities.
  3. Click the blue chevron icon () located next to the asset name you want to explore and select Vulnerabilities.
  4. The asset details page opens with the list of vulnerabilities.

  5. Click View on the vulnerability you want to explore.
  6. (Optional) Click the star symbol to the left of the vulnerability name to mark it for quick access. Clicking the Star icon () on the secondary menu shows the bookmarked items and a link to it.
  7. The More information link opens the Open Threat Exchange platform with the information about the CVE Identifier.