Viewing risk details

Risk details include information from the risks table and the following fields:

• Risk type – code of the risk type.
• Description – description defined for the risk type or the corresponding vulnerability.
• Base score – initial value used for calculating a numeric value for a risk score.

For a Vulnerability risk, additional information is displayed in the following fields and groups of fields:

• CVSS vector – record of metrics used to calculate a CVSS vulnerability score.
• Attack conditions – description of the vulnerability exploitation conditions.
• Impact – description of the potential effects from exploitation of the vulnerability.
• Mitigations – recommendations on remediating the vulnerability (for example, which software version should be installed on the device).
• Links – links to publicly available resources containing additional information about the vulnerability.
• CVE history – dates of identification, confirmation, and publication of the vulnerability in publicly available sources.

To view information about a risk:

Select the relevant risk in the risks table.

In the right part of the web interface window, you will see the area containing detailed information about the risk.

To view the details of a Vulnerability risk on the Devices tab in the Assets section:

Click the name of the vulnerability (displayed as a CVE ID or other identification number of the vulnerability) in the Risks column or in the details area of a device with this risk.

You will see a window containing detailed information about the vulnerability.