The documentation below describes the new version of the Alert Logic console, which was recently updated. This version will become the default in early 2020. For more information about the new navigation, see Managed Detection and Response Navigation Menu Updates.
A vulnerability is an important weakness to identify, as it can allow an attacker to reduce the information security of a system. Vulnerabilities are used to determine the security of your system.
Alert Logic lists all of the scan content that Alert Logic scanners can check for in the Vulnerability Library, under Investigate in the Alert Logic console. You can easily search for and view information on a specified vulnerability that Alert Logic scanned for, and see whether it impacts assets in your environment.
Vulnerability Library Contents
The Vulnerability Library is organized by exposure ID (EID) , common vulnerabilities and exposures (CVE) number, name of the vulnerability, severity ranking, CVSS score, PCI compliance audit result, last modified date, and product.
Alert Logic assigns each vulnerability one of the following severities based on the CVSS v2 score set by the National Institute of Standards and Technology, and reported to the National Vulnerability Database:
|Severity||CVSS base score|
|High||7.0 - 10.0|
|Medium||4.0 - 6.9|
|Low||0.1 - 3.9|
Sort through library
The Vulnerability Library, by default, is listed by the last modified date by descending order. The most recently added or updated content is displayed on top, which allows you to quickly check if coverage exists for any new emerging threats. You can sort the list by EID, name, or last modified date. Click the arrow icon () next to the column label to sort the list by descending or ascending order from that column.
You can perform searches to find a vulnerability in the library. In the search bar on the top right of the page, you can search for all or part of the name of the vulnerability, a specific CVE, an operating system or an application, an EID, or any partial string of text that is part of the vulnerability text.
View Vulnerability Details
To access a vulnerability detail page, click the entry in the table. The top part of the page provides the following information:
- Vulnerability name
- PCI result
- PCI audit pass/fail reason
- CVSS score and severity
The bottom portion of the page provides the following information:
- Description—Provides information about the vulnerability which can include the affected application or operating system, what the vulnerability is, or what an attacker is allowed to do.
- CWE—Common Weakness Enumeration
- Impact—Provides information on the potential impact of the vulnerability, which can include whether an application or operating system is prone to the vulnerability and why, and what the vulnerability allows an attacker to do.
- Solution—Provides a way to eliminate the vulnerability, if any, such as patching, upgrading, or contacting the vendor for more information.
- Detected on—Provides a list of operating systems and applications where the vulnerability was detected.
- References—Provides links to sources with more information about the vulnerability.