View the Inferred CVEs for a Service

Cortex Xpanse Assess User Guide

Product: Cortex XPANSE
Version: 1.0
Creation date: 2022-08-25
Last date published: 2022-12-01
Category: User Guide

The Inferred CVEs that may impact a specific service are listed on the Services details page in Cortex Xpanse. A service can have several software packages running on it, so it is common for there to be Inferred CVEs for different products impacting a single service.

  1. Navigate to the Services tab in Cortex Xpanse.

  2. From the list of services, select a service by clicking on the relevant row.

    The Inferred CVEs column in the service list indicates how many Inferred CVEs are potentially affecting that service.

  3. On the Service details page, scroll to the Inferred Potential CVEs section, and expand the list.

    For each Inferred CVE, Cortex Xpanse provides the information listed in the following table to help you determine which of the Inferred CVEs should be addressed.

    | Field | Description |
    | --- | --- |
    | CVE ID | The CVE ID is linked to the CVE entry in the National Vulnerability Database. |
    | CVSS v3 Score | The Common Vulnerability Scoring System (CVSS) is an industry standard for assessing the severity of software security vulnerabilities. CVSS scores range from 0 to 10, with 10 being the most severe. For the specific metrics used to calculate a CVSS v3 score, see https://www.first.org/cvss/. N/A indicates that the CVE doesn't have a CVSS v3 score. |
    | CVSS v2 Score | The Common Vulnerability Scoring System (CVSS) is an industry standard for assessing the severity of software security vulnerabilities. CVSS scores range from 0 to 10, with 10 being the most severe. For the specific metrics used to calculate a CVSS v2 score, see https://www.first.org/cvss/. N/A indicates that the CVE doesn't have a CVSS v2 score. |
    | Confidence | Confidence in the CVE inference. High: an exact version match. Medium: an approximate version match. Low: a match based on product name only. For more information about Inferred CVE match confidence, see Inferred CVEs. |
    | Inferred From | Lists the product name and version information that Cortex Xpanse used to make the CVE inference. Product name and version number: matched on both product name and version. Product name only: matched on product name only because the service doesn't advertise version information. Product name and Non-version-specific CVE: matched on product name only because the National Vulnerability Database CVE definition does not include version numbers. |
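
One way to order the rows of this table when deciding which Inferred CVEs to address, as an added example that is not Palo Alto Networks code or a Cortex Xpanse export format or API. The dictionary layout, the placeholder CVE IDs and product names, and the ordering policy (match confidence first, then the v3 score with v2 as a fallback) are assumptions.

```python
# Added example: record layout and ordering policy are assumptions,
# not a Cortex Xpanse export format or API.
CONFIDENCE_RANK = {"High": 0, "Medium": 1, "Low": 2}

def parse_score(value):
    """Return a float in [0, 10], or None when the field reads N/A."""
    if value is None or str(value).strip().upper() == "N/A":
        return None
    score = float(value)
    if not 0.0 <= score <= 10.0:
        raise ValueError(f"CVSS score out of range: {value!r}")
    return score

def effective_score(row):
    """Prefer the v3 score, fall back to v2, and report which was used."""
    for field, label in (("CVSS v3 Score", "v3"), ("CVSS v2 Score", "v2")):
        score = parse_score(row.get(field))
        if score is not None:
            return score, label
    return None, "none"

def triage(rows):
    """Order by match confidence, then severity; unscored rows go last in their tier."""
    ranked = []
    for row in rows:
        confidence = row["Confidence"]
        if confidence not in CONFIDENCE_RANK:
            raise ValueError(f"unknown confidence: {confidence!r}")
        score, source = effective_score(row)
        ranked.append((row["CVE ID"], score, source, confidence))
    return sorted(
        ranked,
        key=lambda r: (CONFIDENCE_RANK[r[3]], r[1] is None, -(r[1] or 0.0)),
    )

# Constructed sample rows; the CVE IDs and product names are placeholders.
FIELDS = ("CVE ID", "CVSS v3 Score", "CVSS v2 Score", "Confidence", "Inferred From")
SAMPLE = [dict(zip(FIELDS, r)) for r in (
    ("CVE-0000-0001", "9.8", "7.5", "Low", "ExampleHTTPd"),
    ("CVE-0000-0002", "N/A", "6.8", "High", "ExampleHTTPd 2.4.1"),
    ("CVE-0000-0003", "7.5", "5.0", "High", "ExampleHTTPd 2.4.1"),
    ("CVE-0000-0004", "N/A", "N/A", "Medium", "ExampleSSH 8.x"),
)]

if __name__ == "__main__":
    for cve_id, score, source, confidence in triage(SAMPLE):
        print(cve_id, confidence, "N/A" if score is None else score, source)
```

In the sample, the Low-confidence row sorts last despite its 9.8 score because it matched on product name only; rows whose source is "none" have no CVSS score in either version and need manual review.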