Cisco Cisco FirePOWER Appliance 7115
Version 5.3
Sourcefire 3D System User Guide
1511
Working with Discovery Events
Working with Third-Party Vulnerabilities
Chapter 35
To view third-party vulnerabilities:
A
CCESS
: Admin/Any Security Analyst
Select Analysis > Vulnerabilities > Third-Party Vulnerabilities.
The first page of the default third-party vulnerabilities workflow appears. To
The first page of the default third-party vulnerabilities workflow appears. To
use a different workflow, including a custom workflow, click (switch workflow).
For information on specifying a different default workflow, see
TIP!
If you are using a custom workflow that does not include the table view
of third-party vulnerabilities, click (switch workflow), then select Vulnerabilities
by Source or Vulnerabilities by IP Address.
Understanding the Third-Party Vulnerabilities Table
L
ICENSE
: FireSIGHT
When you import third-party vulnerability information using the host input feature,
the system stores that information in its database. The fields in the third-party
vulnerabilities table are described in the following table.
Vulnerability Source
The source of the third-party vulnerabilities, for example, QualysGuard or
NeXpose.
Vulnerability ID
The ID number associated with the vulnerability for its source.
IP Address
The IP address associated with the host affected by the vulnerability.
Port
A port number, if the vulnerability is associated with a server running on a
specific port.
Bugtraq ID
The identification number associated with the vulnerability in the Bugtraq
database. (
)
CVE ID
The identification number associated with the vulnerability in MITRE’s
Common Vulnerabilities and Exposures (CVE) database (
).