Page tree

This topic only applies to Armor Anywhere users.

Overview

You can use the Scan Details screen to view information for a specific vulnerability scanning report within an interactive table. 

This screen also displays a description of the detected vulnerability, including links to external resources, such as the National Vulnerability Database. 

You can use this information to prioritize how to troubleshoot these vulnerabilities, as well as understand how these vulnerabilities can affect your environment.  

This screen also displays severity levels for each detected vulnerability. A severity is assigned to a vulnerability based on the Common Vulnerability Scoring System (CVSS). CVSS is the accepted system to rate the severity status of a vulnerability. To learn more, please see the National Vulnerability Database website. 



Access and view detailed report information

  1. In the Armor Management Portal (AMP), on the left-side navigation, click Security.
  2. Click Vulnerability Scanning.
  3. Locate and select a vulnerability scanning report. 
  4. In the next screen, you can filter the table By Vulnerabilities or By VM (virtual machine / host). 

Filter by vulnerabilities

When you filter the table By Vulnerabilities, you will see: 

Column NameDescription
Vulnerability Name

This column displays the name of the vulnerability.

You can click the Vulnerability Name to learn more about the vulnerability. You will be taken to a description page where you can review a description of the vulnerability, including the solution. To learn how to troubleshoot, see Troubleshoot a vulnerability.
Affected Assests

This column displays the virtual machines (host) affected by the vulnerability.

If you are unfamiliar with the name of a virtual machine, you can use the Virtual Machines screen to search.

  1. Copy the desired virtual machine name (host name or CoreInstance ID).
  2. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
  3. Click Virtual Machines.
  4. In the search field, paste the virtual machine name (host name or CoreInstance ID), and then click the magnifying glass icon.
Date Discovered

This column displays the date the vulnerability was discovered.

  • This date will correspond with the date of the scan.
CVSS

This column displays the CVSS, a score attached to a vulnerability to determine the vulnerability's severity.

Severity

This column displays the severity of the vulnerability.

There are four severity types, based on the vulnerability's CVSS:

  • Critical
    • Critical vulnerabilities receive a score of 10.
  • High
    • High vulnerabilities receive a score of 7-10.
  • Medium
    • Medium vulnerabilities receive a score of 4-7.
  • Low
    • Low vulnerabilities receive a score of 0-4.
       

There is an additional severity type called Info. Although Info is listed as a severity type, in reality, Info simply displays activity information for corresponding plugins from third-party vendors. 


Export a report of vulnerabilities

From the By Vulnerability section, you can also download a CSV report.

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Security.
  2. Click Vulnerability Scanning.
  3. Click By Vulnerability.
  4. (Optional) Ue the filter function to customize the data displayed.
  5. Below the table, click CSV.
    • You have the option to export all the data (All) or only the data that appears on the current screen (Current Set). 

Filter by virtual machines

When you filter the table By VM (virtual machines / host) you will see: 

ColumnDescription
VM Name

This column displays the virtual machines (host) affected by this vulnerability.

If you are unfamiliar with the name of a virtual machine, you can use the Virtual Machines screen to search.

  1. Copy the desired virtual machine name (host name or CoreInstance ID).
  2. In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
  3. Click Virtual Machines.
  4. In the search field, paste the virtual machine name (host name or CoreInstance ID), and then click the magnifying glass icon.
StatusThis column displays if the virtual machine was successfully Scanned or if the virtual machine is Offline.
CriticalThis column displays the number of vulnerabilities that contained a score of 10.
HighThis column displays a vulnerability that scored between 7 to 10 on the CVSS.
MediumThis column displays a vulnerability that scored between 4 to 7 on the CVSS.
LowThis column displays a vulnerability that scored between 0 to 4 on the CVSS.
InfoThis column displays activity information regarding corresponding plugins from a third-party vendor.

Export a report of a virtual machines

From the By VM section, you can also download a CSV report.

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Security.
  2. Click Vulnerability Scanning.
  3. Click By VM.
  4. (Optional) Ue the filter function to customize the data displayed.
  5. Below the table, click CSV.
    • You have the option to export all the data (All) or only the data that appears on the current screen (Current Set). 

Troubleshoot a vulnerability 

Each listed vulnerability contains information on how troubleshoot the vulnerability, typically by downloading a patch from an external source. 

  1. In the Armor Management Portal (AMP), on the left-side navigation, click Security.
  2. Click Vulnerability Scanning.
  3. Select a vulnerability scanning report. 
  4. In the next screen, select By Vulnerabilities.
  5. Select a vulnerability. You will be taken to a description page where you can review a description of the vulnerability, including the solution. 
  6. Under See Also, click the link to access external information and to download a patch. 

To return to the previous screen and view additional vulnerabilities for the current report, click the name of the current report in the top menu.






In this topic



Have a suggestion for the Armor Knowledge Base? Send a message to kb@armor.com.