Cisco Cisco FirePOWER Appliance 7010
37-26
FireSIGHT System User Guide
Chapter 37 Using Host Profiles
Working with Vulnerabilities in the Host Profile
•
download patches to mitigate the vulnerabilities discovered on the hosts on your network. See
for more information.
•
mark hosts as not vulnerable to individual vulnerabilities if you know that the hosts have been
patched. See
patched. See
for more information.
Viewing Vulnerability Details
License:
FireSIGHT
Vulnerability details include a technical description of the vulnerability and known solutions.
To access the vulnerability details for a specific vulnerability, select
Analysis > Vulnerabilities
or
Analysis
> Third-Party Vulnerabilities
and click the view icon (
) next to the SVID. You can also access
vulnerability details from the network map and the host profile.
Descriptions of the fields on the Vulnerability Detail page follow.
Cisco Vulnerability ID
The identification number (SVID) that the system uses to track vulnerabilities.
Snort ID
The identification number associated with the vulnerability in the Snort ID (SID) database. That is,
if an intrusion rule can detect network traffic that exploits a particular vulnerability, that
vulnerability is associated with the intrusion rule’s SID.
if an intrusion rule can detect network traffic that exploits a particular vulnerability, that
vulnerability is associated with the intrusion rule’s SID.
Note that a vulnerability can be associated with more than one SID (or no SIDs at all). If the
vulnerability does not have an associated SID, this field does not appear.
vulnerability does not have an associated SID, this field does not appear.
BugTraq ID
CVE ID
Title
The title of the vulnerability.
Impact Qualification
Use the drop-down list to enable or disable a vulnerability. The Defense Center ignores disabled
vulnerabilities in its impact correlations.
vulnerabilities in its impact correlations.
The setting you specify here determines how the vulnerability is treated on a system-wide basis and
is not limited to the host profile where you select the value. See
is not limited to the host profile where you select the value. See
for information about using this feature to enable and disable a
vulnerability.
Date Published
The date that the vulnerability was published.