Active View - Vulnerabilities

Overview

Fortra VM Active View provides a comprehensive, aggregate health assessment of your environment. It helps you identify your vulnerabilities and optimize remediation resources.

The Active View System Health Vulnerabilities page is the central location for managing vulnerabilities that Fortra VM discovers in your environment.

Viewing vulnerabilities

You can toggle the view between Grouped by vulnerability (default) or Show all instances when viewing vulnerabilities on this page (see 3 in the Vulnerabilities page components table).

Selecting Group by vulnerability lists vulnerabilities by Vulnerability Dictionary ID, vulnerability title, vulnerability class (Explicit, Malware, etc.), Fortra VM severity, NVD severity, PCI severity, and hidden. For example, vulnerabilities set to hidden (More > Set hidden) will appear as a separate entry:

Additionally, although rarer, differences in NVD severity over time may result in separate entries in the Grouped by vulnerability view. For example, an NVD entry may have recently been updated by NIST to include a CVSS 3.1 score, whereas previously, it contained a CVSS 2.0 score. This change in scoring can change the NVD severity from Medium to High and may also affect the PCI severity.

Scanning your assets regularly will ensure that your Active View contains the most recent changes to the vulnerabilities detected.

Vulnerabilities page components

Ref.	Description
1	Actions you can take with selected vulnerabilities: Add comment Add label More options - Includes options to Hide vulnerabilities, identify vulnerabilities as an Acceptable risk, and provide a Fix status (not available while viewing vulnerabilities by group).
2	Options for searching your vulnerabilities. See related: Find Information in Fortra VM
3	Toggles the list by Show all instances or Group by vulnerability.
4	Sorts the list.
5	A list of vulnerabilities in your environment. Depending on your selected view, the list includes Severity level, description, status, ports, protocols, services, and the number of instances (indicates if there are recent changes in the number of vulnerabilities). NOTE: By default, the list shows vulnerabilities grouped by vulnerability.
6	The abbreviated vulnerability description and suggested solutions (appears when you select a vulnerability name). In the vulnerability description, select the Vulnerability Details ID number to see complete details about the vulnerability and view the assets it affects. NOTE: If viewing individual vulnerability instances, the abbreviated description also gives you specific Instance Data and allows you to add notes and manage labels.

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
Product Version | 202412161204 | December 2024