Understand the Code Weaknesses table - Administrator Guide - Cortex Cloud Posture Management - Cortex CLOUD

Cortex Cloud Runtime Security Documentation

Product: Cortex Cloud Application Security > Cortex CLOUD
License: Cloud Runtime Security
Creation date: 2024-12-24
Last date published: 2026-06-16
Category: Administrator Guide

The code weaknesses table provides a consolidated view of all code weakness issues. Each row represents an issue created when a scanner finding matches a unified policy, linking the code weakness to a specific CWE identifier, detection rule, file, repository, and the policy that triggered the issue.

Visible columns (default)

| Column | Description |
|---|---|
| Severity | The severity level assigned to the code weakness: Critical, High, Medium, Low, Informational, or Unknown. Severity is determined by the detection rule and may be overridden by a matched unified policy |
| Name | The descriptive name of the code weakness (such as SQL Injection detected in code). The Name column serves as the primary identifier for the issue |
| File Path | The path to the source code file containing the code weakness, including the affected line range (such as /src/controllers/userController.js (42-48)) |
| Branch | The repository branch where the code weakness was detected (such as main) |
| Created | The timestamp when the issue was first detected |
| CWE | The Common Weakness Enumeration identifier classifying the type of code weakness (such as CWE-89: SQL Injection, CWE-79: Cross-site Scripting) |
| Prioritization Labels | Contextual labels that indicate risk-amplifying factors such as deployment status, internet exposure, or application criticality |

Hidden columns (available via column picker)

| Column | Description |
|---|---|
| Data Source | The VCS provider where the repository is hosted (GitHub, GitLab, Bitbucket, Azure DevOps, and variants) |
| Last Updated | The timestamp of the most recent update to the issue |
| Alert Description | A detailed description of the code weakness, including the attack vector, impact, and recommended remediation |
| Asset ID | The internal identifier of the SAST asset |
| Detection Method | The scanner that detected the code weakness (CAS_SAST_SCANNER) |
| Alert Source | The originating scanner source |
| Git User | The Git author associated with the commit that introduced the code weakness |
| Finding ID | The unique identifier of the underlying finding |
| Issue ID | The internal issue identifier used for API operations and cross-referencing |
| Manual Fix Suggestion | The recommended manual remediation steps, including secure code patterns |
| Rule ID | The detection rule identifier associated with the code weakness |
| CWE ID | The Common Weakness Enumeration identifier (such as CWE-89, CWE-79, CWE-22) |
| OWASP Category | The OWASP Top 10 category the code weakness maps to (such as A03:2021 Injection, A07:2021 Cross-Site Scripting) |
| Language | The programming language of the affected source code file (such as JavaScript, Python, Java, Go, C#) |
| Code Lines | The specific line range within the file where the code weakness occurs |
| Code Block | The source code snippet containing the code weakness |
| Code Highlights | The specific lines within the code block that are flagged |
| Data Flow | The data flow trace from the source (user input) to the sink (vulnerable function call), when available |
| Domain | The security domain classification (such as POSTURE) |
| Assignee | The user assigned to remediate the issue |
| Assignee Name | The display name of the assigned user |
| Resolution Status | The current resolution state: New, In Progress, or Resolved |
| Resolution Comment | The comment provided when the resolution status was changed |
| Original Severity | The severity assigned by the detection rule before any policy override |
| Provider Link | A direct link to the file in the VCS provider |
| Rule ID Link | A link to the detection rule documentation |
| Finding Category | The category classification of the finding (such as Application Security) |
| Subcategory | The subcategory classification of the finding |
| Tags | User-defined or system-generated tags applied to the issue |

Filter and sort the table

Use the filter bar at the top of the Code Weaknesses table to narrow results by any filterable column. Common filtering strategies include:

  • By Severity: Filter to Critical and High severity to focus on the most impactful code weaknesses

  • By CWE: Filter to a specific CWE identifier (such as CWE-89) to scope remediation to a single weakness category

  • By Language: Filter to a specific programming language (such as Java) to scope remediation to a single technology stack

  • By Branch: Filter to the main or production branch to focus on code weaknesses that affect production-bound code

  • By Resolution Status: Filter to New to identify untriaged code weakness issues, or to In Progress to monitor active remediation

  • By OWASP Category: Filter to a specific OWASP Top 10 category (such as A03:2021 Injection) to focus on a specific risk class