Risk Analyzer Vulnerabilities
The Vulnerabilities list provides visibility into risk data. It's based on NVD / CVE data.
Scroll to the bottom of the page to see the total number of vulnerabilities and to advance to the next list page.
Vulnerabilities Table
The following table defines the values in the Security Rules table. The order of rules listed in the Security Rules table is set in the firewall policy by the network administrator.
| Value | Description |
|---|---|
| Vulnerability Name | The Common Vulnerabilities and Exposures (CVE) identification number. |
| Description | The meaning of the vulnerability name. |
| Asset Name | The asset affected by the vulnerability. Click the asset name to view asset details. |
| IP Address | The IP address of the asset affected by the vulnerability. |
| Service | The TCP or UDP port for the IP address of the asset affected by the vulnerability. |
| Effect | What the type of vulnerability allows an attacker to do to a system. |
| Locality* | Whether the vulnerability is local, remote, or through a client the user has accessed. |
| CVSS Score | The Common Vulnerability Scoring System (CVSS) is used to standardize vulnerabilities and is assigned to each vulnerability. |
| Published | The date in which the vulnerability was published to the CVE list. |
*Locality
- Local - the vulnerability may be exploited only if access has already been gained to the asset.
- Remote - the vulnerability may be exploited over a network.
- Client - the vulnerability may be exploited because the user accesses the attacker. For example, a vulnerability in a browser exists and the user visits an attacker website for the exploit to occur.