Fingerprint Dashboard - CVE Integration

For information on the Fingerprint Dashboard setup, please see the following link:


https://documentation.pcmatic.com/article/275-fingerprint-dashboard


Click on the (?) icon on the Vulnerabilities card to display a brief abstract about vulnerabilities (CVEs) and the score. The score is heavily weighted towards the vulnerabilities on the devices.

NOTE: In this document, vulnerabilities and CVEs are used interchangeably.

Click on the Vulnerabilities score to expose three sub-cards

  • Total Vulnerabilities
  • Affected Devices
  • Affected Products

These cards provide different avenues to investigate vulnerabilities in your environment.

The Total Vulnerabilities card also has a quick breakdown of the severities of the CVEs found in your environment.

  • Critical
  • High
  • Medium
  • Low

Click on the Total Vulnerabilities card to display a table with all the CVEs for the environment. Also include in the table is the severity, CVSS version, published date, and modified date for each individual.

Click on the expander on the left side of a CVE row to explore information related to both the CVE and specific to your environment. You will also see an abstract for the CVE as well as KEV information if available. Below this text is another table that contains all the devices affected by the specific CVE order by product and product version.

Clicking on any CVE ID (ex. CVE-2008-0655) will open a new browser tab to our internal page for that specific CVE.

Clicking the NIST.gov CVE Details located in the far right of the expanded section will open a new browser window to the external NIST page for the CVE.

Click on the expander to the left of a device name to expose another table. This table will show the filename, location, file version, and md5 hash for the affected product related to the specific CVE.

If the file location is truncated, hover your mouse of the field to display the full location name.

Clicking on any MD5 hash will open a new browser tab to the external VirusTotal page for that hash.

(ex. 0x3185CA285CBA605CB74AED9C11AF52AF)

The second card is the Affected Devices. Clicking this card exposes a table with all the scanned devices that have vulnerabilities found on them.

The table also contains a summary of all the CVEs found on each device, as well as a breakdown of those CVEs by the different severities.

Click the expander to the left of one of the devices to expose a table with all the CVEs found on that device.

Again, click on the expander on the left side of a CVE row to explore information related to both the CVE and specific to your environment. You will also see an abstract for the CVE as well as KEV information if available. Below this text is another table that contains all the products, versions, files, etc. for that the specific and device.

The third and final card is the Affected Products. Clicking this card exposes a table with products and product version by vendor sorted by the largest number of vulnerabilities for each product version.

Click the expander to the left of one of the vendors to expose a table with all the CVEs found on that device.

Again, click on the expander on the left side of a CVE row to explore information related to both the CVE and specific to your environment. You will also see an abstract for the CVE as well as KEV information if available. Below this text is another table that contains all the devices affected by the specific CVE as well as the filename, location, and md5 hash.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us