Data columns in Vulnerability Management view

In the Vulnerability Management view, you can select from the following data columns to display in the vulnerability lists.

Vulnerability ID

The CVE code for the vulnerability.

Asset Name (Assset at risk)

The unique identifier assigned to an asset, enabling efficient tracking, management, and troubleshooting. You can update this information within the classic N-sight.

CVSS

Numerical score as per CVSS (Common Vulnerability Scoring System) for the vulnerability.

Severity

Critical, Important, Moderate, and Low.

Threat Status

Resolved or Unresolved.

Affected Products

Product name affected by the vulnerability.

Customer

Name of the Client the asset belongs to.

Site

The name of the Client site where the device resides.

Date Published

The date the vulnerability CVE was published.

First detected

Initial detection date for the vulnerability on the device.

Last updated

The most recent date of the previous vulnerability information update.

Update available

Indicates if an update that will resolve the vulnerability is available (Yes or No).

Risk Score

This score gives an overall view of how severe the vulnerability is by considering factors like how well-known the CVE is, the risk of it being compromised, and its life cycle.

OS Role

Operating system type:

• Server
• Workstation

Has exploit

Indicates if the vulnerability has a known exploit, Yes or No.

CISA KEV

Indicates if the vulnerability is listed in the CISA (Cybersecurity and Infrastructure Security Agency) KEV (Known Exploited Vulnerabilities) Catalog. Yes or No.

Has ransomeware

Indicates if the vulnerability is known to be used in ransomware campaigns. Yes or No.

CWEs

The Common Weakness Enumeration (CWE) ID. Common software and hardware weakness types that could have security ramifications.

A weakness is a condition in a software, firmware, hardware, or service component that, under certain circumstances, could contribute to the introduction of vulnerabilities.

A CWE is assigned an ID in the form CWE-<ID>, where the <ID> is simply a unique number chosen at the time of assignment (e.g., “CWE-798”). The CWE-ID is followed by a descriptive name for the weakness (e.g., “CWE-798: Use of Hard-coded Credentials”).

See the CWE website for full details.

Related articles

• Vulnerability Management (New)
• Run the Vulnerability scan