Viewing and Handling Local Image Scan Results

Scenarios

HSS can present image security statistics in the risk view and image view, helping you comprehensively learn, locate, and fix image risks.

• Risk view: View all the scan results of a risk. Local image risks include system vulnerabilities and application vulnerabilities.
• Image view: View the scan results of a single image. Local image scan results include system vulnerabilities, application vulnerabilities, and software information.

You can view and handle local image scan results in Risk View or Image View.

Viewing and Handling Local Scan Results in the Risk View

1. Log in to the HSS console.Log in to the management console.
2. Click in the upper left corner and select a region or project.
3. In the navigation pane on the left, choose Risk Management > Container Images.
4. In Risk View, click Unsafe Configuration > Common Weak Passwords, System Vulnerabilities or Application Vulnerabilities. Filter Local images, and view and handle the scan results. For details, see Table 1.
   Figure 1 Local image risk view
   

   Table 1 Local image scan result parameters

   Risk Type	Description
   System Vulnerabilities	OS vulnerability scan results. You can perform the following operations: View vulnerability details Click a vulnerability notice name. On the vulnerability details page, view the vulnerability notice, CVE (for system vulnerabilities only), suggestions, affected images, and handling history. Handle vulnerabilities Ignore If a vulnerability does not need to be handled for now, you can ignore it. It will still be displayed in future scan results. Add to whitelist If a vulnerability does not affect your services, you can add it to the whitelist. Fix Fix the vulnerability by referring to the suggestions in the vulnerability details.
   Application Vulnerabilities	Application software vulnerability scan results. You can perform the following operations: View vulnerability details Click a vulnerability notice name. On the vulnerability details page, view the vulnerability notice, suggestions, affected images, and handling history. Handle vulnerabilities Ignore If a vulnerability does not need to be handled for now, you can ignore it. It will still be displayed in future scan results. Add to whitelist If a vulnerability does not affect your services, you can add it to the whitelist. Fix Fix the vulnerability by referring to the suggestions in the vulnerability details.
   Common Weak Password Risks	Image weak password scan result. The scan result contains the account name, account type, masked weak password, weak password usage duration, affected image, and image tag. You can log in to the account to change its password. To let HSS scan for user-defined weak passwords, perform the following operations: Click the Common Weak Password Risks tab and click Manage Weak Password. Configure weak passwords and click OK.

Viewing and Handling Local Scan Results in the Image View

1. Log in to the HSS console.Log in to the management console.
2. Click in the upper left corner and select a region or project.
3. In the navigation pane on the left, choose Risk Management > Container Images.
4. Click the Image View tab.
   Figure 2 Image view
   

5. Click the Local Images tab.
6. In the Operation column of an image, click View Results to go to the image details page.
7. View and handle risk scan results. For details, see Table 2.
   Figure 3 Local image scan details
   

   Table 2 Local image scan result parameters

   Risk Type	Description
   System Vulnerabilities	OS vulnerability scan results. You can perform the following operations: View vulnerability details Click a vulnerability name to go to its details page. View the vulnerability description, urgency, and affected images. Handle vulnerabilities Ignore If a vulnerability does not need to be handled for now, you can ignore it. It will still be displayed in future scan results. Add to whitelist If a vulnerability does not affect your services, you can add it to the whitelist. Fix To fix a system vulnerability, upgrade the software affected by it. Click To upgrade the affected software to go to the security notice details page. View the affected components, CVE, and more information.
   Application vulnerabilities	Application software vulnerability scan results. You can perform the following operations: View vulnerability details Click a vulnerability name to go to its details page. View the vulnerability description, urgency, and affected images. Handle vulnerabilities Ignore If a vulnerability does not need to be handled for now, you can ignore it. It will still be displayed in future scan results. Add to whitelist If a vulnerability does not affect your services, you can add it to the whitelist. Fix To fix an application vulnerability, hover the cursor over the solution description of a vulnerability to view the solution. To install a patch, access the patch installation guide link provided in the solution, and install the patch accordingly.
   Software Information	Statistical results of image software, including the software names, types, versions, and number of software vulnerabilities. Click next to a software name to view its vulnerability name, urgency, and solution.
   Common Weak Password Risks	Image weak password scan result. The scan result contains the account name, account type, masked weak password, weak password usage duration, and image tag. You can log in to the account to change its password.