In Nebula, Vulnerability Assessment shows vulnerabilities for installed software and operating systems on managed endpoints.
Vulnerability data is stored and displayed for up to 90 days prior across all endpoints. When an endpoint is removed from Nebula, its vulnerabilities are removed from the console after 48 hours.
TIP - To see the latest vulnerabilities identified on your endpoints, run or schedule an Inventory & Vulnerability Scan. For more information, see Configure Vulnerability Assessment in Nebula.
Vulnerabilities page
On the left navigation menu, go to Monitor > Vulnerabilities to view vulnerabilities across your environment.
Endpoint information
The following information is displayed for each endpoint vulnerability.
Column | Description |
Application | Detected application name with the vulnerability. |
Application version | The current version of the application. |
CISA recommended |
|
CVE |
|
Description | Description of the vulnerability and how it is used to exploit the application. |
Domain name | The corresponding domain of the endpoint. |
Endpoint | Host name of the vulnerable endpoint. |
Group | The corresponding group of the endpoint. |
Identified date | Date the vulnerability was detected on the endpoint. |
OS platform | Windows or macOS. |
OS release name | The public release name of the operating system. |
OS type | Workstation or server. |
OS version | The version of the operating system. |
Severity |
The severity level of a vulnerability is reached using a calculated score based on Common Vulnerability Scoring System (CVSS) and by analyzing real data, with the following inputs:
|
Update available |
Whether an update is available in the console to resolve the vulnerability. |
Vendor | Vendor name of the installed software which is vulnerable. |
Manage vulnerabilities
If you have Patch Management, vulnerabilities can be patched from this page by updating software. To update software from this page:
- Check the boxes for specific CVE numbers.
- Click Actions > Update Software.
- In the confirmation window, click Update.
After the software update is finished, the item is removed from the Vulnerabilities page with the next scheduled Inventory & Vulnerability scan. You can also manually update the list of vulnerabilities and patchable software by issuing an Inventory & Vulnerability scan task from the Endpoints page. A vulnerability cannot be manually removed or excluded from the list of vulnerabilities.
Endpoints page
Navigate to the Vulnerabilities tab to view the vulnerabilities of a specific endpoint. To locate the Vulnerabilities tab:
- Go to Manage > Endpoints.
- Click an endpoint name to view the endpoint's properties.
- Click Vulnerabilities.
Return to Nebula Vulnerability Assessment guide.