Monitor Libraries
The Libraries page provides a list of all libraries that are in use by the corresponding applications. The page highlights the vulnerabilities and associated risks introduced by the use of those libraries.
This image is an example of the Libraries page:
- You can use the Search filter for the Affected Tiers, Status, and Existing Libraries categories. For more information about the Search filter, see View Data Using Search Filter in Monitor Application Security Using Cisco Secure Application.
- The Set Status and Edit Note bulk edit options are available if you have the Configure Cisco Secure Application permission.
The Libraries page includes these details:
Field Name | Description |
---|---|
Existing Libraries | Existing libraries in the selected application. You can click on the row to view the details of the library. See View Vulnerabilities for a Library. Click this field to sort the libraries in alphabetical order. |
Risk | The risk score given to the library. This helps to identify which libraries require immediate remediation. The higher the risk score, the higher the impact of the collection of vulnerabilities within the library. Click this field to sort the risk score from high to low or low to high. |
Vulnerabilities | The number of vulnerabilities based on severity. Severity is represented with the following colors: Red = Critical, Orange = High, Yellow = Medium, Purple = Low. If any of these colors is replaced with grey, there are no vulnerabilities of that severity. For example, if Vulnerabilities displays grey, orange, yellow, and purple instead of red, orange, yellow, and purple, there are no critical vulnerabilities. Click this field to sort in increasing or decreasing order based on the number of vulnerabilities. |
Affected Tiers | The application tier that is vulnerable because of its relationship to the corresponding library. Click the flow map icon ( |
Remediation | The recommended version of the library that can be used for remediation. |
Status | The status of the vulnerable libraries. By default, when a vulnerability is detected the value is Discovered. The status value can be:
The Discovered and Fixed statuses are auto-populated. If you have the Configure Cisco Secure Application permission, you can change the Status by selecting the required libraries and using the Set Status option. You must have this permission to view and use the Set Status option. |
Note | Notes can be used to share information with other users or document findings during the review of a vulnerability. If you have the Configure permission, you can add notes by selecting a library and using the Edit Note option. Without the Configure permission, the Edit Note option is unavailable. |
View Vulnerabilities for a Library
To view all the vulnerabilities within a specific library, click the row on the Libraries page. This directs you to the library details page with the following information:
The upper pane displays the details about the vulnerable library including the risk involved, any remediation to be taken, and the Library Notes. You can copy the notes if required.
If you have the Configure Cisco Secure Application permission, then you can add or edit the Library Notes.
The bottom pane provides the following details:
You can use the Search filter to view the vulnerability details list based on the Severity or the Vulnerability value. For more information about the Search filter, see View Data Using Search Filter in Monitor Application Security Using Cisco Secure Application.
Field Name | Description |
---|---|
Vulnerability | The vulnerabilities scanned for the selected library. Click the field to sort in increasing or decreasing order. Click the CVEs to view the vulnerability details. For information about Vulnerabilities, see Monitor Vulnerabilities. |
Severity | The severity of the vulnerability. Click the field to sort the severity in alphabetical order. |
Existing Library | The library that introduced the vulnerability to the application. |
Remediation Candidate | The version of the library that should be used to remediate the vulnerability. |