View Vulnerabilities from the CSM Desktop Client or CSM Browser Client

After you run the Tenable Vulnerability Export, view the vulnerabilities for more information.

In rare cases, there may be instances where a vulnerability or Plugin is present on a single Configuration Item (CI) more than once at the same time via different ports or protocol.
This mApp® Solution limits the relationship between CIs and vulnerabilities based on unique Plugin ID; therefore, in an instance where a CI has the same vulnerability multiple times, CSM only reports on one of these instances. As a result, the reporting may show different counts in CSM versus for vulnerabilities per CI or Asset.

To view vulnerabilities in the Desktop Client or Browser Client:

  1. Open the Search Manager.
  2. From the Association drop-down list, select Event - Security.
  3. Select Open Security Events, and then select Run.
  4. Open any records associated with a vulnerability and you will notice the following:
    • The Source field on the Overview tab is set to Tenable.
    • The Vulnerability Name is also the Event Name.
    • The Details and Response Notes fields are details from Tenable regarding the vulnerability.
    • The External Source ID field is the same as Plugin ID in Tenable.
    • The Event Type field is set to Common Vulnerabilities and Exposures.
    • The Event Severity field is the same as the Vulnerability Severity in Tenable.
    • The Priority field is set to Low.
    • The Vulnerability tab is visible and contains all details from Tenable regarding the vulnerability. All fields on this tab are read-only.
    • The Configuration Item tab shows the Security Event Joins Configuration Item join table details including the status of the vulnerability on each CI.
      • Selecting the Jump button takes you to the join record where you can enter resolution details and mark the vulnerabilities resolved on the CI.
      • The links under Actions allow you to jump to the Configuration Item record or back to the Security Event.
    • On the Security Event record, you can create Incidents, Change Request, or Problems.
    • On the Configuration Item records, the Security Events can be found on the Event tab.