Vulnerabilities Page
The Vulnerabilities page in the IoT Security portal displays
detected vulnerabilities.
The Vulnerabilities page (Risks > Vulnerabilities)
provides an overview of the vulnerabilities and vulnerable devices
that IoT Security detected and presents the following information:
- The total number of confirmed and potential vulnerabilities organized by severity level
- A bar chart that shows the distribution of vulnerabilities by device profile
- A table listing vulnerabilities, each of which links to a page with further details

When you hover your cursor over one of the bars in the Vulnerability
Distribution bar chart, a panel pops up displaying the number of
vulnerabilities and vulnerable devices in that profile.

You can search for a text string in any of the columns, download
the list of vulnerabilities, create a filter to show only the vulnerabilities
you want to see, and control which columns you want to show and
hide.

Although the Severity column in the table shows only icons,
you can still search by the severity level words Critical, High,
Medium, and Low.
You can also set the number of rows you want to see on each page
(from 5 to 200) and navigate among multiple pages.

CVSS Score Range | Severity Level |
---|---|
9.0 – 10.0 | Critical |
7.0 – 8.9 | High |
4.0 – 6.9 | Medium |
< 4.0 | Low |

While a severity level in the IoT Security system reflects a
CVSS score, there isn’t always a direct correlation between the
two. For example, a hard-coded password in a device might have a
CVSS score of 10.0, but an IoT Security severity level of High rather
than Critical. This can happen when there isn’t proof that the device can
be accessed from the Internet or by an unauthorized user. While
NIST assigns a CVSS score to a vulnerability generically, IoT Security
assigns a “risk severity” level to vulnerabilities based on the
specifics of each case.

For example, although the first vulnerability has a CVSS score
of 9.8, its risk severity is High instead of Critical. IoT Security
bases the severity level not only on the CVSS score but on other
determining risk factors as well.
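
The following added example (not part of the IoT Security product or its documentation) shows one way to review a downloaded vulnerability list for entries whose risk severity differs from the level its CVSS score alone would map to in the table above. The CSV layout is an assumption based on the column names this page lists, and the sample rows are constructed placeholders.

```python
import csv
import io

# CVSS score bands from the table above: (lower bound, level), highest first.
CVSS_BANDS = [(9.0, "Critical"), (7.0, "High"), (4.0, "Medium"), (0.0, "Low")]
RANK = {"Low": 0, "Medium": 1, "High": 2, "Critical": 3}

def cvss_band(score):
    """Return the severity level the CVSS score alone would map to."""
    if not 0.0 <= score <= 10.0:
        raise ValueError(f"CVSS score out of range: {score}")
    return next(level for floor, level in CVSS_BANDS if score >= floor)

def severity_divergences(csv_text):
    """Find rows whose risk severity differs from the CVSS band.

    Returns (vulnerability, cvss, band, severity, direction) tuples, with
    confirmed vulnerabilities first and then by descending CVSS score.
    """
    rows = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        score = float(row["CVSS"])
        band = cvss_band(score)
        severity = row["Severity"].strip().capitalize()
        if severity not in RANK:
            raise ValueError(f"unknown severity: {row['Severity']!r}")
        if severity == band:
            continue
        direction = "lowered" if RANK[severity] < RANK[band] else "raised"
        confirmed = int(row["Confirmed Instances"] or 0) > 0
        rows.append((confirmed, score, row["Vulnerability"], band, severity, direction))
    rows.sort(key=lambda r: (not r[0], -r[1]))
    return [(name, score, band, sev, d) for _, score, name, band, sev, d in rows]

# Constructed sample export (assumed column layout); names are placeholders.
SAMPLE = """Severity,CVSS,Vulnerability,Confirmed Instances,Potential Instances
High,9.8,EXAMPLE-VULN-A,0,12
Critical,9.1,EXAMPLE-VULN-B,3,0
Medium,7.5,EXAMPLE-VULN-C,2,4
High,10.0,EXAMPLE-hard-coded-password,1,0
Low,3.1,EXAMPLE-VULN-D,0,1
"""

if __name__ == "__main__":
    for name, score, band, sev, direction in severity_divergences(SAMPLE):
        print(f"{name}: CVSS {score} maps to {band}, risk severity {sev} ({direction})")
```
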
Vulnerabilities table columns
- Severity – The severity level of a vulnerability: critical, high, medium, or low.
- CVSS – The CVSS (Common Vulnerability Scoring System) score of a vulnerability.
- Vulnerability – The name or CVE (Common Vulnerabilities and Exposures) number of a vulnerability. This links to the Vulnerability Details page.
- Confirmed – Indicates if a vulnerability is confirmed to apply to one or more devices. An empty field indicates that it is a potential vulnerability.
- Source – (Not shown by default) The source that identified the device vulnerability: IoT Security or Firewall.
- Confirmed Instances – The number of devices to which a vulnerability is confirmed to be applicable. This number links to the Vulnerability Details page.
- Potential Instances – The number of devices to which a vulnerability might be applicable but has not been confirmed. This number also links to the Vulnerability Details page.
- Vulnerable Profiles – The number of device profiles to which a confirmed or potential vulnerability applies.

When you hover your cursor over an entry in the Vulnerability
column, a panel pops up showing its description and impact.

Clicking View more opens the Vulnerability
Details page. Clicking the name of a vulnerability entry also opens
the Vulnerability Details page.