This page describes the Cloud Security metrics that are available in order to detect vulnerabilities. These security findings provide a comprehensive overview of vulnerabilities across your entire monitored environment.
Navigate Vulnerabilities
On the Vulnerabilities page, you can view these security details:
CVE ID: The Common Vulnerabilities and Exposure (CVE) identifier.
Package name: The name of the package that is affected by vulnerabilities.
Affected version: The version that has vulnerabilities.
Fix version: The recommended version that can remediate the vulnerability.
Cisco Security Risk Score: This score provides an estimate of exploitation based on real-time events. These are the three statuses: Green 0-33, Amber 34-66, Red 67-100.
CVSS score: This score is based on the Common Vulnerability Scoring System (CVSS) with five severities: None 0-0, Low 0.1-3.9, Medium4.0-6.9, High 7.0-8.9, Critical 9.0-10.0.
Overview UI Screenshot
Filter Vulnerabilities
You can filter vulnerabilities by Cisco Security Risk Score and CVSS Score.
To filter by Cisco Security Risk Score:
Navigate to Vulnerabilities.
Select the drop-down menu under Cisco Security Risk Score.
Choose Critical, Warning, or Normal.
To filter by CVSS Score:
Navigate to Vulnerabilities.
Select the drop-down menu under CVSS Score.
Choose Critical, High, Medium, or Low.
Security Details for CVE IDs
When you click on a specific CVE ID, you can view these security details:
CVSS score
Cisco Security Risk Score details:
Easily exploitable
Malware exploitable
Active internet breach
Popular target
Predicted exploitable
Severity score graph
Fix details:
Package
Affected version
Fix version
Affected container images:
Image name
Impacted pods
Overview UI Screenshot
Under Severity score, you can toggle between CVSS or Kennato better visualize the different scores in the graph.
