Help Center/ SecMaster/ User Guide/ Risk Prevention/ Vulnerability Management/ Viewing Vulnerability Details
Updated on 2024-12-30 GMT+08:00
View PDF
Share

Viewing Vulnerability Details

Scenario

This topic describes how to view vulnerabilities details.

Prerequisites

  • You have purchased the SecMaster professional edition and the edition is within the validity period.
  • You have installed HSS agent. For details, see the Installing an Agent.
  • HSS logs have been connected to SecMaster and the function of automatically converting logs into alerts has been enabled. For details, see Data Integration. If access to HSS vulnerability scan results has been enabled during data integration but the automatic alert conversion is disabled, the vulnerability scan results will not be displayed on the Vulnerabilities page in SecMaster.

Viewing Vulnerability Details

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
  4. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.

    Figure 1 Workspace management page

  5. In the navigation pane on the left, choose Risk Prevention > Vulnerabilities.

    Figure 2 Accessing the vulnerability management page

  6. View vulnerability information on the Vulnerabilities page.

    Table 1 Viewing vulnerability information

    Parameter

    Description

    Vulnerability Type Distribution

    This graph displays the total number of vulnerabilities and the distribution of vulnerabilities by type.

    Top 5 Vulnerabilities
    • The Top 5 Vulnerabilities area lists the five vulnerabilities with the most affected assets. The more affected assets, the higher the vulnerability ranking is.
    • The Vulnerability ID tab displays the IDs and the affected asset quantity for the five vulnerabilities.
    • The Vulnerability Type tab displays the names, severity levels, and affected asset quantity for the five vulnerabilities.

    Top 5 Vulnerable Resources

    This graph displays the five resources with the most vulnerabilities.

    Vulnerability List
    • The vulnerable list area includes Linux Vulnerabilities, Windows Vulnerabilities, Web-CMS Vulnerabilities, and Application Vulnerabilities tabs. Table 2 lists parameters for these vulnerability tabs.
    • If there are many vulnerabilities displayed, use filters to search for a specific one.
    • To view details about a vulnerability, click the vulnerability name and view the details on the page displayed on the right.
    • You can view the total number of vulnerabilities below the vulnerability list. You can view a maximum of 10,000 vulnerability records page by page. To view more than 10,000 records, optimize the filter criteria.
    Table 2 Vulnerability parameters

    Parameter

    Description

    Vulnerability Name

    Name of the scanned vulnerability.

    Click a vulnerability name to view vulnerability description and vulnerability library information.

    Severity

    Severity level of the vulnerability.

    ID

    ID of the vulnerability.

    Affected Assets

    Total number of assets affected by a vulnerability

    Vulnerability ID

    ID of a vulnerability.

    Last Scanned

    Time of the last scan

    Handled

    This column specifies whether the vulnerability has been handled.

    SecMaster aggregates the vulnerability scan results from HSS and displays vulnerabilities on the Vulnerabilities page in SecMaster. HSS supports automatic, scheduled, and manual scans.

    • Automatic scan

      By default, the system automatically scans for Linux, Windows, and Web-CMS vulnerabilities every day and scans for application vulnerabilities every Monday. The time of an automatic application vulnerability scan changes with the middleware asset scan time. If a manual or scheduled vulnerability scan has been performed on a day, HSS will not automatically scan for vulnerabilities on that day.

    • Scheduled scan

      By default, a full server vulnerability scan is performed once a week. To protect workloads, you are advised to set a proper scan period and scan server scope to periodically scan server vulnerabilities.

    • Manual scan

      If you want to view the vulnerability fixing status or vulnerabilities of a server in real time, manual scans are recommended.

    For newly purchased ECSs, if scheduled vulnerability scan and manual scan are not configured in HSS, HSS automatically scans for Linux, Windows, and Web-CMS vulnerabilities in the early morning every day. So, you can view vulnerabilities for newly purchased ECSs on the Vulnerabilities page in SecMaster the next day. Before collecting HSS logs, make sure you have enabled HSS protection for ECSs during the purchase, installed HSS agent, and enabled access to HSS logs and the function of converting logs to alerts in SecMaster.

    For more details, see Vulnerability Scan.

Parent topic: Vulnerability Management