Cisco Cisco Firepower Management Center 4000 Manual

Page of 1844
 
38-53
FireSIGHT System User Guide
 
Chapter 38      Working with Discovery Events
  Working with Third-Party Vulnerabilities
Vulnerability ID
The ID number associated with the vulnerability for its source.
IP Address
The IP address associated with the host affected by the vulnerability.
Port
A port number, if the vulnerability is associated with a server running on a specific port.
Bugtraq ID
CVE ID
SVID
The Sourcefire Vulnerability identification number that the system uses to track vulnerabilities
Click the view icon (
) to access the vulnerability details for the SVID. See 
 for more information.
Snort ID
The identification number associated with the vulnerability in the Snort ID (SID) database. That is, 
if an intrusion rule can detect network traffic that exploits a particular vulnerability, that 
vulnerability is associated with the intrusion rule’s SID.
Note that a vulnerability can be associated with more than one SID (or no SIDs at all). If a 
vulnerability is associated with more than one SID, the vulnerabilities table includes a row for each 
SID.
Title
The title of the vulnerability.
Description
A brief description of the vulnerability.
Count
The number of events that match the information that appears in each row. Note that the Count field 
appears only after you apply a constraint that creates two or more identical rows.
Searching for Third-Party Vulnerabilities
License: 
FireSIGHT
You can search for third-party vulnerabilities that affect the hosts on your network. You may want to 
create searches customized for your network environment, then save them to reuse later. 
downloadlike
ArtboardArtboardArtboard
Report Bug