CSM 10.4 Documentation

Home

View Vulnerabilities from the CSM Desktop Client or CSM Browser Client

After you run the Tenable Vulnerability Export, view the vulnerabilities for more information.

Note: In rare cases, there may be instances where a vulnerability or Plugin is present on a single Configuration Item (CI) more than once at the same time via different ports or protocol.

This mApp® Solution limits the relationship between CIs and vulnerabilities based on unique Plugin ID; therefore, in an instance where a CI has the same vulnerability multiple times, CSM only reports on one of these instances. As a result, the reporting may show different counts in CSM versus Tenable.io for vulnerabilities per CI or Asset.

To view vulnerabilities in the Desktop Client or Browser Client:

  1. Open the Search Manager.
  2. From the Association drop-down list, select Event - Security.
  3. Select Open Security Events, and then select Run.
  4. Open any records associated with a vulnerability and you will notice the following:
    • The Source field on the Overview tab is set to Tenable.
    • The Vulnerability Name is also the Event Name.
    • The Details and Response Notes fields are details from Tenable regarding the vulnerability.
    • The External Source ID field is the same as Plugin ID in Tenable.
    • The Event Type field is set to Common Vulnerabilities and Exposures.
    • The Event Severity field is the same as the Vulnerability Severity in Tenable.
    • The Priority field is set to Low.
    • The Vulnerability tab is visible and contains all details from Tenable regarding the vulnerability. All fields on this tab are read-only.
    • The Configuration Item tab shows the Security Event Joins Configuration Item join table details including the status of the vulnerability on each CI.
      • Selecting the Jump button takes you to the join record where you can enter resolution details and mark the vulnerabilities resolved on the CI.
      • The links under Actions allow you to jump to the Configuration Item record or back to the Security Event.
    • On the Security Event record, you can create Incidents, Change Request, or Problems.
    • On the Configuration Item records, the Security Events can be found on the Event tab.

Was this article useful?    

Copyright © 2023, Ivanti, Inc. All rights reserved.

Privacy and Legal