You can view, and in some cases edit, the attributes of a vulnerability in the Vulnerability Detail window.
To navigate to the Vulnerability Detail window:
- Click the Vulnerabilities tab.
- On the Vulnerabilities page, locate the web application you want to work with. Click View or anywhere in the associated table row.
- On the Vulnerabilities on <web application name> page, locate the vulnerability you want to work with. Click View or anywhere in the associated table row.
The Vulnerability Detail window for that specific vulnerability appears.
The Vulnerability Detail window displays details about one specific vulnerability found within the scan.
This window includes the following information. Numbered regions correspond to numbered sections in the article below.
1. Title Section
The title section of the page includes:
- The name of the vulnerability.
- The web application on which it was found.
- An icon indicating the severity of the vulnerability. The icon shows one of the following:
  - Attack severity is Critical.
  - Attack severity is High.
  - Attack severity is Medium.
  - Attack severity is Low.
  - You have marked this vulnerability as a False Positive.
2. Basic Information
The main section of the page includes information from the overview page:
- ID – A unique identifier for each specific vulnerability in this specific web application.
- URL – The specific URL within the web application that is affected by this vulnerability.
- Parameter – The specific parameter (input) of the web application that is affected by this vulnerability.
- *Mitigate on WAF in – How the Barracuda Web Application Firewall mitigates this vulnerability. You can change the selection here, if you choose.
All vulnerabilities start as New, without a category. After you change a new vulnerability to a different category, you cannot change it back to New.
- Green / Active Mode – The WAF performs the action configured for the detected attack type.
- Yellow / Passive Mode – The WAF logs violating events and allows the request to pass through, so the request still reaches the web application.
- Blue / Manual – Enables you to mitigate the vulnerability manually.
- Grey / Ignore – Does not take any action with this vulnerability, and marks it to be ignored.
For details on using Active and Passive Mode, refer to Understanding Passive Mode and Active Mode.
*Editable fields. Your changes are saved in the system so they appear wherever these fields appear.
Details Tab
The Details tab shows detailed information about the vulnerability, some of it in editable fields.
Information on the Details tab:
- *Severity – How serious the threat is to your web application. Levels include Critical, High, Medium, Low, and False Positive. You can change this value based on your assessment of the severity level.
- Confidence – How likely it is that this finding is a real vulnerability in your website. Confidence levels are Certain, Likely, and Possible.
- Last Found – The date of the most recent scan in which this vulnerability was found.
- First Found – The date of the first scan in which this vulnerability was found.
- *User Notes – A free-form field where you can add your own notes about the vulnerability.
- CVSS – The Common Vulnerability Scoring System (CVSS) base score and vector string for the vulnerability. For the scoring system, as used by the National Vulnerability Database, refer to https://nvd.nist.gov/cvss.cfm.
- Details – Describes, in detail, how the scanner detected this vulnerability.
*Editable fields. Your changes are saved in the system, so they appear wherever these fields appear.
Scan History Tab
The Scan History tab shows the status of this vulnerability in scans of this web application, from the scan with the First Found date to the scan with the Last Found date.
Information on the Scan History tab:
- Scan Date – The date the scan was run.
- Configuration – The name of the scan.
- Type – The description of the scan.
- Status – Whether the vulnerability was found in that specific scan.
Below the table, you can see the total number of scans between the First Found and Last Found dates. You can choose how many rows of the table you want to show and navigate through the list with the navigation buttons.
WAF Logs Tab
The WAF Logs tab shows log entries from the Barracuda Web Application Firewall for requests associated with this scan.
Information on the WAF Logs tab:
- Date – Date of the logged request, in the form Year-Month-Day.
- Time – Time of the logged request, in the form Hours:Minutes:Seconds:Milliseconds.
- User Agent – The name and version of the browser or other client software making the request.
- Client IP – The IP address of the client that originated the request.
- Method – The HTTP method used by the request.
- Action – The action the WAF applied to the request for that type of web attack.
- Query String – The query part of the request.
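The following added example (not Barracuda's code) ties the WAF Logs tab columns to the mitigation modes described under Mitigate on WAF in: it filters log rows down to requests whose query string carries the vulnerable parameter and reports how many of them the WAF only logged and passed through, which is what Passive Mode does, versus acted on. The tab-separated row layout, the sample rows, and the action names "LOG" and "DENY" are constructed for the example and are not the WAF's own export format; replace parse_rows and PASS_THROUGH_ACTIONS with whatever your export actually contains.

```python
"""Triage WAF log rows for one vulnerability: was the parameter hit, and what did the WAF do?"""
from collections import Counter
from urllib.parse import parse_qs

# The columns of the WAF Logs tab, in the order the sample rows below use them.
COLUMNS = ("date", "time", "user_agent", "client_ip", "method", "action", "query_string")

# Constructed sample rows in a hypothetical tab-separated layout (not the real export format).
SAMPLE_WAF_LOG = (
    "2024-05-02\t10:15:01:120\tMozilla/5.0\t203.0.113.10\tGET\tLOG\tid=1' OR '1'='1\n"
    "2024-05-02\t10:15:02:004\tcurl/8.6.0\t203.0.113.10\tGET\tLOG\tid=1 UNION SELECT 1,2\n"
    "2024-05-02\t10:16:40:555\tMozilla/5.0\t198.51.100.7\tGET\tDENY\tid=1'--\n"
    "2024-05-02\t10:17:00:000\tMozilla/5.0\t198.51.100.7\tGET\tLOG\tpage=2\n"
)

# Assumed action names meaning the request reached the application (Passive Mode logs and passes).
PASS_THROUGH_ACTIONS = frozenset({"LOG"})


def parse_rows(text):
    """Split log text into one dict per row, keyed by the tab's column names."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split("\t")
        if len(fields) != len(COLUMNS):
            raise ValueError("malformed row: %r" % line)
        rows.append(dict(zip(COLUMNS, fields)))
    return rows


def rows_hitting_parameter(rows, parameter):
    """Keep only requests whose query string carries the vulnerable parameter."""
    return [r for r in rows
            if parameter in parse_qs(r["query_string"], keep_blank_values=True)]


def triage(text, parameter):
    """Summarise what the WAF did with requests that targeted the given parameter."""
    hits = rows_hitting_parameter(parse_rows(text), parameter)
    passed = [r for r in hits if r["action"] in PASS_THROUGH_ACTIONS]
    return {
        "requests": len(hits),
        "by_action": dict(Counter(r["action"] for r in hits)),
        "passed_through": len(passed),
        "passed_from": sorted({r["client_ip"] for r in passed}),
        "passed_payloads": [r["query_string"] for r in passed],
    }


if __name__ == "__main__":
    print(triage(SAMPLE_WAF_LOG, "id"))
```

A non-zero passed_through count for a vulnerability still set to Passive Mode means attack traffic against that parameter is reaching the application; that is the point at which to move the vulnerability to Active Mode or mitigate it manually.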
Audit Trail Tab
The Audit Trail tab shows all activity associated with this vulnerability, including when it was created and any changes to the mitigation method.
Information on the Audit Trail tab:
- Time – Date and time the action was performed. Most recent events are listed at the top of the table.
- User – The username responsible for the action.
- Action – A brief description of the action taken and whether it was successful.