Help Center/ Host Security Service/ User Guide (ME-Abu Dhabi Region)/ Risk Prevention/ Vulnerability Management/ Viewing Vulnerability Details
Updated on 2024-07-12 GMT+08:00
View PDF
Share

Viewing Vulnerability Details

You can view vulnerabilities of your assets on the Vulnerabilities page.

Constraints

  • Servers that are not protected by HSS do not support this function.
  • The Server Status is Running, Agent Status is Online, and Protection Status is Protected. Otherwise, vulnerability scan cannot be performed.

Viewing Vulnerabilities on All Servers

  1. Log in to the management console.
  2. Click in the upper left corner of the page, select a region, and choose Security > Host Security Service.
  3. In the navigation pane, choose Prediction > Vulnerabilities.
  4. On the displayed page, click Linux Vulnerabilities, Windows Vulnerabilities, Application Vulnerabilities, or Web-CMS Vulnerabilities.
  5. In the vulnerability list, click a vulnerability name to view its details.

    • On the Basic Information tab, you can check vulnerability description, vulnerability fix suggestions, vulnerability CVE description, and more.
    • On the Affected tab, you can check the servers having the vulnerability and their vulnerability fix status. You can also ignore, fix, and verify the fix of vulnerabilities. For details, see Table 1.
      Table 1 Vulnerability handling operations

      Operation

      Description

      Ignore

      If a vulnerability does not affect your services, click Ignore to ignore it. HSS will not report the vulnerability before the next vulnerability scan.

      Unignore

      To let HSS report ignored vulnerabilities, click Unignore to unignore it. HSS will continue to report the vulnerability.

      Fix

      To fix Linux or Windows vulnerabilities in one click, click Fix.

      Verify

      After the vulnerability is fixed, click Verify to verify the fix.

      • If you do not perform manual verification, the vulnerability fix result will not be refreshed until the next day, after HSS performs a scan in the early morning.
      • If a vulnerability fails to be rectified, click View Cause to check the details.

Viewing Vulnerabilities on a Single Server

  1. Log in to the management console.
  2. In the navigation pane, choose Asset Management > Servers & Quota.
  3. On the Servers tab, click a server name to go to the asset management page.
  4. Click the Vulnerabilities tab and click Linux Vulnerabilities, Windows Vulnerabilities, Web-CMS Vulnerabilities, or Application Vulnerabilities.
  5. In the vulnerability list, click a vulnerability name to view its details.

    • On the Basic Information tab, you can check vulnerability description, vulnerability fix suggestions, vulnerability CVE description, and more.
    • On the Affected tab, you can check the servers having the vulnerability and their vulnerability fix status. You can also ignore, fix, and verify the fix of vulnerabilities. For details, see Table 2.
      Table 2 Vulnerability handling operations

      Operation

      Description

      Ignore

      If a vulnerability does not affect your services, click Ignore to ignore it. HSS will not report the vulnerability before the next vulnerability scan.

      Unignore

      To let HSS report ignored vulnerabilities, click Unignore to unignore it. HSS will continue to report the vulnerability.

      Fix

      To fix Linux or Windows vulnerabilities in one click, click Fix.

      Verify

      After the vulnerability is fixed, click Verify to verify the fix.

      • If you do not perform manual verification, the vulnerability fix result will not be refreshed until the next day, after HSS performs a scan in the early morning.
      • If a vulnerability fails to be rectified, click View Cause to check the details.

Viewing Vulnerability Details (Vulnerability View)

  1. Log in to the management console.
  2. In the navigation pane, choose Prediction > Vulnerabilities.
  3. View vulnerability information on the Vulnerabilities page.

    • Viewing vulnerability scan results

      In the vulnerability statistics area in the upper part of the Vulnerabilities page, view vulnerability scan results. Table 3 describes related parameters.

      Table 3 Vulnerability scan parameters

      Parameter

      Description

      Critical Vulnerabilities

      Click the number in Critical vulnerabilities. On the slide-out panel displayed, you can view all types of vulnerabilities to be urgently fixed.

      Unfixed Vulnerabilities

      Click the number in Unfixed Vulnerabilities. On the slide-out panel displayed, you can view all types of vulnerabilities that are not fixed.

      Servers with Vulnerabilities

      Click the number in Servers with Vulnerabilities. You can view the servers with vulnerabilities in the lower part of the Vulnerabilities page.

      Vulnerabilities Handled Today

      Click the number in Vulnerabilities Handled Today. On the slide-out panel displayed, you can view all types of vulnerabilities that have been handled today.

      Vulnerabilities Handled in Total

      Click the number in Vulnerabilities Handled in Total. On the slide-out panel displayed, you can view all types of vulnerabilities that have been handled. The number is just the quantity of vulnerabilities handled within one year.

      Detectable Vulnerabilities

      Displays the number of vulnerabilities that can be detected by HSS.

      Scans in Total

      Displays the number of vulnerability scans.

      Click Scan to manually scan for vulnerabilities on servers.
    • Viewing the importance of assets affected by a vulnerability

      In the vulnerability list in the lower part of the page, view the importance of the asset affected by a vulnerability in the Affected Servers column.

      • : major asset
      • : minor asset
      • : test asset
    • Viewing vulnerability details

      Click the name of a target vulnerability. On the vulnerability details slide-out panel displayed, you can view the repair suggestions, CVE details, affected servers, and historical handling records of the vulnerability.

    • Viewing handled vulnerabilities or vulnerabilities to be handled

      Above the vulnerability list, select Unhandled or Handled from the vulnerability handling status drop-down list to filter vulnerabilities to be handled or that have been handled.

    • Exporting the vulnerability list

      Click Export above the vulnerability list to export vulnerability data with just one click. Then, you can view vulnerability information on your local PC.

      A maximum of 30,000 vulnerabilities can be exported at a time.

      • A maximum of 5,000 application vulnerabilities can be exported at a time.
      • HSS automatically performs a comprehensive scan in the early morning every day. After the scan is complete, you can download the vulnerability report.

Viewing Vulnerability Details (Server View)

The basic edition does not support this operation.

  1. Log in to the management console.
  2. In the navigation pane, choose Prediction > Vulnerabilities.
  3. In the upper right corner of the Vulnerabilities page, click Server view to view vulnerability information.

    • Viewing vulnerability scan results

      In the vulnerability statistics area in the upper part of the Vulnerabilities page, view vulnerability scan results. Table 4 describes related parameters.

      Table 4 Vulnerability scan parameters

      Parameter

      Description

      Critical vulnerabilities

      Click the number in Critical vulnerabilities. On the slide-out panel displayed, you can view all types of vulnerabilities to be urgently fixed.

      Unfixed Vulnerabilities

      Click the number in Unfixed Vulnerabilities. On the slide-out panel displayed, you can view all types of vulnerabilities that are not fixed.

      Servers with Vulnerabilities

      Displays the number of servers with vulnerabilities.

      Vulnerabilities Handled Today

      Click the number in Vulnerabilities Handled Today. On the slide-out panel displayed, you can view all types of vulnerabilities that have been handled today.

      Vulnerabilities Handled in Total

      Click the number in Vulnerabilities Handled in Total. On the slide-out panel displayed, you can view all types of vulnerabilities that have been handled.

      Detectable Vulnerabilities

      Displays the number of vulnerabilities that can be detected by HSS.

      Scans in Total

      Displays the number of vulnerability scans.

      Click Scan to manually scan for vulnerabilities on servers.
    • Viewing server details and vulnerabilities on servers
      1. Click the name of a target server. On the server details slide-out panel displayed, you can view details about the server and vulnerabilities on the server.
      2. Click the name of a target vulnerability. On the vulnerability details slide-out panel displayed, you can view the CVE details, affected servers, and historical handling records of the vulnerability.
    • Viewing handled vulnerabilities or vulnerabilities to be handled

      Above the vulnerability list, select Unhandled or Handled from the vulnerability handling status drop-down list to filter vulnerabilities to be handled or that have been handled.

    • Exporting the list of servers with vulnerabilities

      Click Export above the vulnerability list to export vulnerability data with just one click. Then, you can view vulnerability information on your local PC.

      A maximum of 30,000 vulnerabilities can be exported at a time.

      • A maximum of 5,000 application vulnerabilities can be exported at a time.
      • HSS automatically performs a comprehensive scan in the early morning every day. After the scan is complete, you can download the vulnerability report.

Parent topic: Vulnerability Management