CVE Details
CVE details are displayed in the following tabs.
CVE Description tab
The Description tab shows the following information:
Section | Description |
---|---|
General information | A description of the CVE. To see the CVE in NVD, click Open in NVD. |
Additional information | NVD information, including: - NVD dates - Source and type of vulnerability - Qualys QID or Tenable Plugin vulnerability type IDs Shows cyberterms related to the CVE. To see more details, hover over the cyberterm. |
Mentions over time | Shows the mentions from all web sources over the past six months. You can change the date range. Peaks normally indicate spikes in exploits. |
Severity score breakdown | Shows the attributes of the overall severity score. Each input is ranked from 1 (least risk) to 100 (highest risk). |
CVE Intelligence Information tab
The Intelligence Information tab shows the following information:
Section | Description |
---|---|
Source of mention | Rapid7 enrichment that shows where the CVE was mentioned. If there are exploits, the Exploits source is highlighted. You can download the exploit by clicking Download Exploit. Exploits can have a status of Verified or Not verified (exploits from exploit-db). A red exclamation point icon indicates that the status is unknown. If a code exploit (from the Code Repositories source) is in proof of concept (POC) status, the mention will be tagged as POC. This piece of code is not known as an offical exploit, but is likely to turn into a published exploit in the near future. |
Mention text | Shows the mention, a link to the source, and the author. The mention is displayed in English, regardless of the source language (translated, if necessary). To revert to the original language, click Show original. If the full mention cannot be displayed, click …Read more. The full mention is displayed with the relevant text highlighted. If there are duplicate mentions, they are aggreggated into one. You can see the duplicates by clicking View Similar Mentions. For exploits, severity is also displayed, as well as a link to download the exploit code. |
Use the Find mentions field to search within the text that is displayed in all mentions. You can filter the mentions by date range.
To see other mentions that are not displayed, click Load more.
CVE CPEs tab
The CPEs tab lists all technologies that are affected by a CVE.
CVE Affected Hosts tab
The Affected Hosts tab shows more detailed information about the company assets that are affected by each CVE. To enable the display of this information, enable the data collection in the integration options for your CVE manager of choice, Qualys or Tenable.io.
Filter the Affected Hosts tab
You can filter the Affected Hosts tab based on the system-generated tags.
- To show only the hosts that contain a specific tag (or hostname or IP address), enter the desired term into the search field.
- To search the tags of a specific host, select the tags icon for that host. In the search dialog that is displayed, enter the desired tag into the search field.