Download PDF
Download page Monitor Libraries.
Monitor Libraries
The Libraries page provides a list of all libraries that are in use by the corresponding applications. The page highlights the vulnerabilities and associated risks introduced by the use of those libraries. You can use the Search filter for the Application, Package Language, Tiers, Status, and Libraries categories. See Monitor Application Security Using Cisco Secure Application.
The Libraries page includes these details:
Field Name | Description |
---|---|
Library | Libraries in the selected application. You can click on the row to view the details of the library. See View Vulnerabilities for a Library. |
Application | The application name that uses the corresponding library. |
Tier (Nodes) | The application tier that is vulnerable because of its relationship to the corresponding library. Click the flow map icon ( |
Highest Cisco Security Risk Score | The Cisco Security Risk Score provides an estimate of exploitation based on real-time events. These are the three statuses: Green 0-33, Amber 34-66, Red 67-100. |
Highest CVSS Score | This score is based on the Common Vulnerability Scoring System (CVSS) with five severities: None 0-0, Low 0.1-3.9, Medium 4.0-6.9, High 7.0-8.9, Critical 9.0-10.0. |
Total Vulnerabilities | The number of vulnerabilities based on severity:
Hover on the required color to know the severity. Click this field to sort in increasing or decreasing order based on the number of vulnerabilities. |
Remediation | The recommended version of the library that can be used for remediation. |
Status | The status of the vulnerable libraries. By default, when a vulnerability is detected the value is Detected. The status value can be:
The Detected, Downgraded, and Upgraded status are auto-populated. If you have the Configure Cisco Secure Application permission, you can change the Status by selecting the required libraries and using the Set Status option. You must have the Configure permission to view and use the Set Status and Edit Note options. Click this field to sort based on the status of the vulnerable library. |
View Library Details
To view all the vulnerabilities within a specific library, click the row on the Libraries page. The top, and bottom pane displays these details:
Field Name | Description |
---|---|
Library | Libraries in the selected application. You can click on the row to view the details of the library. See View Vulnerabilities for a Library. |
Type | The language used for the corresponding library. |
Application | The name of the application that uses the selected library. |
Tier (Nodes) | Name of the affected tier. You can click the flow map icon ( |
File Path | The location of the file system, which identifies that the node has a file to that path. This also identifies that the library is from your application. |
Status | The status of the library. |
Remediation Candidate | The version of the library that should be used to remediate the vulnerability. |
Highest Cisco Security Risk Score | The Cisco Security Risk Score provides an estimate of exploitation based on real-time events. These are the three statuses: Green 0-33, Amber 34-66, Red 67-100. |
Highest CVSS Score | This score is based on the Common Vulnerability Scoring System (CVSS) with five severities: None 0-0, Low 0.1-3.9, Medium 4.0-6.9, High 7.0-8.9, Critical 9.0-10.0. |
Vulnerabilities By Severity | The number of vulnerabilities based on severity:
|
Reached | A yellow icon is displayed in this column to indicate that a vulnerability method is matched. |
ID | The Common Vulnerabilities and Exposure (CVE) identifier. Click the CVEs to view the vulnerability details. For information about Vulnerabilities, see Monitor Vulnerabilities. |
Current Library | The library that introduced the vulnerability to the application. |
You can click the Export button to download the table data. It downloads all of the rows, columns, and related data in a .csv
file. A separate .json
file includes the following: link to the Cisco Secure Application website where the table is exported from, global filters (if any) applied to the pages, and search filters applied to the columns. These two files are compressed into a .zip
file for downloading. The maximum number of rows that can be exported is 10,000. If table data exceeds 10,000 rows you may apply filters to narrow your search, or export the first 10,000 results.