When a vulnerability is detected on a managed device, it's important to understand the specifics so appropriate action can be taken. This article outlines the step-by-step process to access and interpret detailed vulnerability information from the device view within the product portal.
Step-by-Step Instructions
1. Access the Device Management Page
- Log in to the saner CVEM console and go to the respective Account.
- Navigate to the Device Management Page from the left-hand side menu bar.
- This page lists all devices under your account.
2. Select the Target Device
- Locate and click on the device for which you want to review vulnerability data.
- This will open the Device Details page, where you can monitor various metrics and statuses.
3. Navigate to the Vulnerabilities Section
- Within the Device Details view, scroll to the section labeled Vulnerabilities.
- Here, you’ll see a high-level summary of vulnerabilities detected on this specific device.
4. Review the Asset/Application List
- The Asset List displays all applications or components on the device that are associated with known vulnerabilities.
- Each entry includes a Risk Count, which indicates the number of vulnerabilities affecting that asset.
5. Expand the Asset to View Vulnerability Details
- Click the “+” (expand) icon next to the relevant asset or application name.
- This will reveal a list of vulnerabilities linked to that asset.
6. Understand the Vulnerability Attributes
For each listed vulnerability, the following information will be provided:
Field | Description |
CVE ID | The Common Vulnerabilities and Exposures (CVE) identifier for the vulnerability. |
Title | A brief title or name of the vulnerability. |
Severity | The severity rating (e.g., Low, Medium, High, Critical). |
Port/Service | The network port or service where the vulnerability was identified. |
Detected Date | The date the vulnerability was first detected on the device. |
Release Date | The date of the vulnerability was published in the CVE database or vendor bulletin. |
Evidence | A link to evidence supporting the vulnerability detection. |
Fix Information | Recommended action or patching guidance to remediate the vulnerability. |
Viewing Evidence for More Context
To assess technical details behind the vulnerability detection:
- Click on the Evidence link next to a listed vulnerability.
- A detailed view will open, showing:
- The exact product or component impacted
- Version number of the vulnerable component
- File path of the affected application or library on the device
- Any supporting metadata or signature that confirmed the vulnerability’s presence
This level of detail can be especially useful for IT teams performing forensic analysis or planning remediation activities.
Understanding Vulnerability Criteria
Each vulnerability entry includes a condition or matching definition under the CVE ID section. This definition outlines:
- The logic used to consider a library or application as vulnerable (e.g., version comparison, presence of specific files or signatures)
- The exact matching rule or detection logic applied during the scan
Understanding this condition helps in evaluating the validity and scope of the risk.
Need Assistance?
If you require further clarification or help interpreting the vulnerability data, please contact our support team. We’ll be happy to assist you in prioritizing and remediating any risks.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article