Viewing Vulnerabilities
Click to view navigation pane


Viewing Vulnerabilities in VMDR OT

The Vulnerabilities tab gives you a complete view of the vulnerability posture of the assets in your industrial network.

Consolidated view of ICS vulnerabilities

In the upper left corner, you see your network's total count of vulnerability detections. These are the vulnerabilities detected by Qualys Network Passive Sensor.

In the search bar, you can build QQL queries to narrow down the scope of your vulnerability search by using the supported search tokens. For more information, see Search Tokens for VMDR OT.

Right below the total detections, you see vulnerabilities grouped into various categories. After you click a category in this list, your selection gets translated into a QQL query in the search bar, and the vulnerabilities that fit into your selected category are displayed in the vulnerabilities table.

Search narrowed down to view only Confirmed vulnerabilities.

By using the date and time range selector next to the search bar, you can choose to view vulnerabilities detected within a specific time period.

Date time range picker.

The vulnerabilities table contains the list of detected vulnerabilities and their following details:

  • QID, the unique Qualys ID assigned to the vulnerability
  • Vulnerability title
  • Severity level (1-5) determined by the security risk associated with its exploitation
  • When the vulnerability was last detected on the asset
  • When the vulnerability was first detected on the asset
  • Asset on which the vulnerability is detected
  • Rack/Slot details

If you are interested in viewing granular details of a vulnerability, click the QID. On the Vulnerability Details page, you can view the detection summary, general information about the detected vulnerability, information about known exploits for the vulnerability available from third-party vendors and/or publicly available sources, available patches to fix the vulnerability and any published malware associated with the vulnerability.

To view details of a vulnerability, click the QID from the Vulnerability tab

The detection summary and general information about the detected vulnerability are displayed on the Vulnerability details page. The Vulnerability details page contains information about known exploits for the vulnerability available from third-party vendors and/or publicly available sources, available patches to fix the vulnerability, and any published malware associated with the vulnerability.

You can view Customized Solution Comments for ICS QID in the General Information section of Vulnerability Details. It allows you to write customized solutions specific to your environment.

qid details.

To add the solution comment for the vulnerability, go to VM/VMDR > KnowledgeBase and select Edit from the Quick Actions menu of the desired QID.

Go to the Solution section, and enter your Solution Comments.

Related Topics

Viewing KnowledgeBase

 

 

Was this topic helpful?

success Thank you! We're glad to hear that this topic was useful.
success We appreciate your feedback. We'll work to make this topic better for you in the future.