Cisco Cisco Firepower Management Center 4000

37-28

FireSIGHT System User Guide

Chapter 37 Using Host Profiles

Working with Vulnerabilities in the Host Profile

Tip

You can also deactivate vulnerabilities from the network map and from vulnerability event views. For
more information, see

Working with the Vulnerabilities Network Map, page 36-7

and

Deactivating

Vulnerabilities, page 38-49

To change the use of a vulnerability across the system:

Access:

Admin/Any Security Analyst

Step 1

Access the host profile of a host affected by the vulnerability you want to deactivate.

Step 2

Expand the

Vulnerabilities

section.

Step 3

Click the name of the vulnerability you want to enable or disable.

A pop-up window appears with the vulnerability details. For more information, see

Viewing

Vulnerability Details, page 37-26

Step 4

Select

Disabled

Enabled

from the

Impact Qualification

drop-down list to specify how the vulnerability is

used.

Step 5

Confirm that you want to change the Impact Qualification for all hosts on the network map.

The vulnerability is enabled or disabled.

Step 6

Click

Done

to close the vulnerability details pop-up window.

Downloading Patches for Vulnerabilities

License:

FireSIGHT

If they are available, you can download patches to mitigate the vulnerabilities discovered on the hosts
on your network.

To download a patch for a vulnerability:

Access:

Admin/Any Security Analyst

Step 1

Access the host profile of a host for which you want to download a patch.

Step 2

Expand the

Vulnerabilities

section.

Step 3

Click the name of the vulnerability you want to patch.

The Vulnerability Detail page appears.

Step 4

Expand the

Fixes

section.

The list of downloadable patches for the vulnerability appears.

Step 5

Click

Download

next to the patch you want to download.

A download page from the patch vendor appears.

Step 6

Download the patch and apply it to your affected systems.