View vulnerability details
Depending on your organization, you’ll likely want to start with the most critical vulnerabilities first, so that you can assess their severity given your particular device, its environment and its use. In the Base score column, you’ll see both a v2 and a v3 score. Older devices may not have a v3 score, while newer devices may not have a v2 score. We recommend that you mitigate the v3 score first.
Rescore a vulnerability
You can individually rescore any vulnerability associated with a particular product version. If you've already applied a rescore profile to this product version, this individual rescore will override the profile rescore. Refer to Rescore an individual vulnerability for more information.
Remediate a vulnerability
Initially, all of your vulnerabilities will have a Status of blank. For CycloneDX status, you'll ultimately want to remediate each of these to either Exploitable or Not affected. For VEX status, you’ll ultimately want to remediate each of these to either Affected or Not affected. Refer to Rescore an individual vulnerability for more information.
Depending on your organization, you’ll likely want to start with the most critical vulnerabilities first, so that you can assess their severity given your particular device, its environment and its use. In the Base score column, you’ll see both a v2 and a v3 score. Older devices may not have a v3 score, while newer devices may not have a v2 score. We recommend that you mitigate the v3 score first.
If you’ve previously assessed a vulnerability, but you see an Updated on date display in the Detected on column, this indicates that the vulnerability has been updated. You’ll want to check to make sure that this doesn’t increase its severity or exploitability for your particular case.
Last updated