Vulnerability explorer
Use the Vulnerability explorer dashboard in Risk Monitor to quickly explore and model the vulnerabilities within your applications, charting both the exploit path and impact metrics associated with every vulnerability detected.
Description
The tables Vulnerability details and Vulnerable devices, applications and users contain all known vulnerabilities found in your IT estate.
The Exploitability Metrics and Impact Metrics in the middle section of the dashboard are the CVSS Base metrics included in the formula for calculating the CVSS Base score for a vulnerability. See www.first.org and https://nvd.nist.gov for a comprehensive description of all base metrics and parameters and how the CVSS Base score is calculated.
The exploitability metrics describe the conditions under which a vulnerability could be exploited, and the impact metrics describe the potential outcome of those exploits. If some metrics are of special interest to you and your organization, you can select parameters for those metrics, and the tables will filter to show details of all vulnerabilities in your organization that have been assigned the selected parameters.
For example, if you want to know what vulnerabilities in the organization could be exploited by an unauthorized attacker, select the parameter NONE for the metric Privileges needed. The table Vulnerability details will list all vulnerabilities in the organization that could be exploited by an unauthorized attacker, and the table Vulnerable devices, applications and users will list all applications containing such vulnerabilities.
If you want to see what metric parameters the base score for a specific vulnerability is based on, you can select the CVE id for the vulnerability from the CVE ID list in the filters section on the dashboard. The metrics section will filter to show the parameters assigned to the vulnerability.
Related use cases
For information on related use cases, see the following sections:
- Find all vulnerabilities in your organization that could be exploited remotely via the Internet
- See what versions of an application are present in your IT estate
- Find links to security updates and patches for a vulnerability
Characteristics
You can refer to the tables below for descriptions of the key figures, filters, metrics, and tables on the dashboard.
Key figures
The key figures give a quick overview of your IT estate's exposure to software vulnerabilities.
Key figure | Description |
---|---|
Vulnerable devices | The number of devices with at least one vulnerable application installed. |
Vulnerable applications | The number of installed applications containing at least one vulnerability. |
Vulnerable users | The number of users with access to at least one vulnerable device. |
Filters
Use one or more filters to focus on specific aspects of your IT estate's exposure to software vulnerabilities. The key figures, metrics, and tables on the page will adjust to show the results filtered by the selected parameter or parameters.
Filter | Description |
---|---|
Application name | Select an application name from the list to see details of the vulnerabilities in the application. |
Organization | Select an organizational unit from the list to see details of vulnerabilities in applications used by that organizational unit. |
CVE ID | Select a CVE id from the list to see details of the vulnerability connected to the CVE id. |
PII risk | Select True to see details of all vulnerabilities in PII risk applications in your organization. Select False to see details of all vulnerabilities that are not connected to PII risk applications in your organization. |
BaseScore | Select a range to see details of vulnerabilities in your organization with base scores within that range. |
Metrics
Select one or more metric parameters of special interest to your organization to filter the Vulnerability details and Vulnerable devices, applications and users tables so that they show only the matching vulnerabilities.
See www.first.org and https://nvd.nist.gov for a comprehensive description of all base metrics and parameters.
Metric | Description |
---|---|
Exploitability Metrics | Exploitability metrics describe the conditions that must be fulfilled for an attacker to be able to exploit the vulnerability. You can select one or more parameters for one or more of the following exploitability metrics:
|
Impact Metrics | Impact metrics describe the potential consequences of an exploited vulnerability. You can select one or more parameters for one or more of the following impact metrics:
|
Base Severity | You can select one or more base severity grades. Note: The parameter NOT SPECIFIED indicates that the vulnerability has not yet been assigned any of the other Base Severity parameters. |
Tables
Use the tables to see details about the vulnerabilities in your IT estate.
Select a column header to sort the table by that column.
Table | Description |
---|---|
Vulnerability details | Unfiltered, the table includes all vulnerabilities in your IT estate. The following vulnerability details are shown in the table:
|
Vulnerable devices, applications and users | Unfiltered, the table includes all vulnerable applications in your IT estate, grouped by application manufacturer. For each application, all vulnerable software versions present in the IT estate are listed. The following details are shown in the table:
|