Overview

This topic explains the information shown in the vulnerability list view and detail view, and the actions that you can take from the vulnerability detail view. Navigate to the Security Reports > Vulnerabilities page to see information on the vulnerabilities found in images during scanning.


Each entry (row) of the Vulnerabilities page is an instance of a vulnerability found in one image during scanning of that image. Therefore, if a given vulnerability was found in N images, it appears N times in the list. In the documentation, Aqua uses the term vulnerability to mean an instance of a vulnerability.


Vulnerability instances

The following screenshot shows the Vulnerabilities page filtered by names containing the text string CVE-2020-1971. There are 5 instances of this same vulnerability found during scanning.


The row corresponding to each vulnerability contains the following information:


Header | Meaning
Vulnerability | ID of the vulnerability found (Example: CVE-2005-2541)
Image | The image in which the vulnerability was found. The vulnerability and the image values together form a unique identifier of the vulnerability instance.
Custom Severity | Severity defined and loaded by your organization in Aqua for each vulnerability. This severity may or may not be the same as the Severity by Aqua, mentioned in the next row.
Severity | Severity of the vulnerability: Negligible, Low, Medium, High, or Critical
Resource | The image resource in which the vulnerability was found
Exploit Availability | A check mark that indicates the availability of an exploit in the wild
Vendor Fix | A check mark that indicates the availability of a software vendor fix for the vulnerability
Acknowledgment | Shows that an acknowledge action is required, or shows when the vulnerability was acknowledged. For more information, refer to the Acknowledgement Status section.


Filter list

You can filter the list of vulnerabilities by any or all of the following criteria:


Note: If you are on the Aqua Advanced or Enterprise plan, you can filter vulnerabilities in the All Vulnerabilities display mode only.


Criteria set | Label | Filters on
Vulnerability Details | ID or Resource | A substring of either a vulnerability ID or a resource name
Vulnerability Details | Severity (dropdown) | Vulnerability severity
Vulnerability Details | Exploit Availability (dropdown) | Available/Not Available. Filters on whether there is an exploit in the wild for the vulnerability
Vulnerability Details | Exploit Type (dropdown) | Remote, DoS (denial-of-service), Local, Web Apps. Note: This information is not displayed in the list of vulnerabilities.
Environment Details | Registry (dropdown) | The registry of the image containing the vulnerability
Environment Details | Image Name | All or part of the name of the image (including tag) in which the vulnerability was found during scanning
Solution Details | Vendor Fix (dropdown) | Yes/No. Filters on whether a fix for the vulnerability is available from the software vendor
Solution Details | Acknowledgement Status (dropdown) | Yes/No. Filters on whether a vulnerability is acknowledged
More Filters | Score | Filters on vulnerabilities whose score exceeds or matches the selected vulnerability score


You can clear any or all of the active filters by clicking the X button on the active filters as shown below.



Acknowledgement status

You can apply the acknowledgment to a single instance or multiple images. In other words, the acknowledgment can apply to multiple vulnerability instances. The Acknowledgment column of the Vulnerabilities page can contain any one of the values listed in the table below.


For more information on how to acknowledge or unacknowledge a vulnerability or the associated information, refer to Apply and Manage Security Issue Acknowledgments.


For an explanation of the effects of acknowledging a vulnerability, refer to Reactive Risk Management.


Value | Explanation
Acknowledge | A button displayed in the column to show that the vulnerability instance is not acknowledged. You can click the button to acknowledge the vulnerability.
N days ago | A button displayed in the column to show when the vulnerability instance was acknowledged. It shows the number of days since the vulnerability was acknowledged. You can click the button to unacknowledge the vulnerability.


Vulnerability detail view

You can click any row in the Vulnerabilities list to see a window that provides full details about the vulnerability as shown below:



You can acknowledge the specific vulnerability from the detail view by clicking the Acknowledge button.