Device information used to check for vulnerabilities
Just like when verifying that vulnerabilities have been remediated, when checking devices for vulnerabilities the application utilizes the following device information:
- Hardware vendor.
- Hardware model.
- Hardware version.
- Software vendor.
- Software name.
- Software version.
The application compares this information with the descriptions of devices in the corresponding fields of the database of known vulnerabilities. In the database, descriptions of devices are stored in the CPE (Common Platform Enumeration) language format. The application compares the information with these descriptions by automatically converting the information into the CPE language format.
For each vulnerability, the contents of matching descriptions are provided in the details area in the Matched CPE section. Depending on which type of device information matched the description of a device in the database, the Matched CPE section may display the following information:
- Hardware CPE code, Hardware description – if the device information Hardware vendor, Hardware model and Hardware version matched descriptions in the database.
- Software CPE code, Software description – if the device information Software vendor, Software name and Software version matched descriptions in the database.
