Viewing the security vulnerabilities listing and details
This topic describes how to view and filter the list of security vulnerabilities and how to view their details.
- To view the list of security vulnerabilities
- To filter the list of security vulnerabilities
- To view the details of a security vulnerability
- Related topic
To view the list of security vulnerabilities
- Navigate to Admin > Network Admin > Security Vulnerabilities.
The Security Vulnerabilities page is displayed.
Perform one of the following tasks by using menu options:
Menu option
Description
Import
Import one or more security advisories or bulletins obtained from a vendor into TrueSight Network Automation. For details, see Importing-security-vulnerabilities.
Filter
Filter the list based on a specific criterion. You can filter the list by vendor, ID, title, and/or rule name by using the text area or menu in the corresponding column header. For details, see Filtering the listing of security vulnerabilities.
Delete
Delete one or more selected vulnerabilities. Each row of the table has a check box on its left to select the vulnerability for deletion. The check box in the header row selects all rows on the current page. When you try to delete a vulnerability, you are provided with the option to delete the associated rule(s) as well, if you have the required permission and if none of the rules are in use or being referenced by other components in TrueSight Network Automation.
Print View
Print the list of security vulnerabilities.
Refresh
Refresh the list.
Help
Display help about security vulnerabilities.
Perform one of the following actions on a security vulnerability by clicking an icon in the Actions column:
Icon
Action
Description
View
Display all information about the security vulnerability. For details, see Viewing a security vulnerability.
Delete
Delete the security vulnerability and, optionally, its associated rule(s).
Generate Rule
Generate a compliance rule from the security vulnerability.
When you click this icon, the Add Rule page appears with default selections for the security vulnerability. You must review all the settings for correctness, make all the necessary changes, and fill in the required information. For more information, see Generating compliance rules.
Manage Rules
Associate and dissociate compliance rules with the security vulnerability. For details, see Managing compliance rules.
Expand
Display additional, important characteristics of the vulnerability inline, including the vendor link. The vendor link contains complete information about the security vulnerability provided by the originator.
To filter the list of security vulnerabilities
Click the Filter menu option 
above the security vulnerabilities list to display the filtering options, as shown in the following figure:
You can use asterisk (*) as the wildcard character in all text-based fields to specify the filter criterion.
To view the details of a security vulnerability
Click the View icon in the Actions column to see the details about a security vulnerability. Only those fields that the vendor supplies and that are understood by the security vulnerability importer are present in the details. Only the title always appears in the details.
Field | Description |
|---|---|
Title | A summary of the nature of the security vulnerability |
CVE ID(s) | The Common Vulnerabilities and Exposures (CVE) identifier(s) from the central CVE database |
Base Score | The numerical severity of the issue, ranging from 0.0 to 10.0 When the vendor specifies more than one base score (for example, one base score per CVE ID), this field contains the highest score. |
Version | The latest version of the issue, usually a dot-separated numerical version string (for example, 1.2.3) This field determines if an existing security vulnerability is older than the one being imported. Only newer versions are imported successfully when versions are present. |
Status | The current state of the security vulnerability The values are vendor-specific. |
Initial Release | The date/time when the security vulnerability was first published by the vendor |
Created (8.9.02 and earlier versions) First Imported (8.9.03 and later versions) | The date/time when the security vulnerability was added to TrueSight Network Automation |
Last Modified at Source (8.9.03 and later versions) | The date/time when the security vulnerability was last updated in the Cisco or NVD repository. |
Last Imported | The date/time when the security vulnerability was last updated in TrueSight Network Automation |
Associated Rule(s) | The names of any associated compliance rules |
Vendor Link (8.9.02 and earlier versions) Vendor Links (8.9.03 and later versions) | The links to the vendor's pages containing complete details about the security vulnerability |
Description | Details about the nature of the security vulnerability, its impact, and so on |
Remediation | The steps that can be taken to mitigate, correct, or avoid the security vulnerability |
Device Types | The device type associated with the devices that are running the affected OS version This field determines whether a vulnerability refers to only one device type or all device types. |
Affected Products | The particular products, models, or operating systems affected by the security vulnerability |
Unenforceable Versions | The operating system(s) that lack any specific version information A vendor might report a very broad version or a generalized description of an operating system (for example, "all 6509 models"), but such a description cannot be converted into an OS version pattern appropriate for use in a compliance rule, thus making the versions unenforceable. If you have a device described by an unenforceable version, you might manually develop a rule by using the detailed information provided by the vendor on the vendor's link. |
Affected OS Versions | The particular device operating system version(s) that are at risk |
Related topic