Image Detailed View: Vulnerabilities (tab)
This feature is not yet Generally Available. Refer to this document only if the feature, Suppression of image vulnerabilities, is enabled in your Aqua environment. If you would like to try it, contact Aqua Support to have the feature enabled.
Sample screenshot
Description
This tab shows, for the selected image:
- The counts, by severity, of all vulnerabilities found during the most recent scan
- Basic information on all vulnerabilities found
- More details: Click the vulnerability name. The detail includes:
  - Score, on a scale ranging from 1 through 10. This is based on the vendor's published score for the vulnerability, if available; otherwise, on the NVD score.
  - The Fix reported by Aqua displays the date when Aqua reports the fix. Aqua acquires this information from various data sources such as vendors and NVD.
  - View details of the CWE ID for a particular CVE. Each CVE can have multiple CWEs mapped. CWE details are added for images that are scanned by the Classic or Trivy Premium scanners.
For example:
Filtering the list
The list is always filtered by one of the vulnerability severity levels: critical, high, medium, low, or negligible. This screenshot shows the list filtered for vulnerabilities of low severity:
You can also filter this list by any or all of these criteria:
| Criteria set | Label | Filters on |
|---|---|---|
| Vulnerability Details | ID or Resource | A substring of either a vulnerability ID or a resource name |
| | Severity | Vulnerability severity |
| | Exploit Availability | Whether there is an exploit in the wild for the vulnerability |
| | Exploit Type | Remote, DoS (denial-of-service), Local, Web Apps |
| | | Note: This information is not displayed in the list of vulnerabilities. |
| Solution Details | Vendor Fix | Whether a fix for the vulnerability is available from the software vendor |
| | vShield status | See vShield status |
| | Suppression Status | See Suppression status |
| More Filters | Score | Vulnerabilities whose score matches or exceeds the score selected in this filter |
For example, the following screenshot shows filtering for vulnerabilities of critical severity, whose names contain the text string "CVE-2021", for which a vendor fix is available:
To undo all selected filters (other than severity), click x Clear Filters.
Actions available
These actions are available in the Vulnerabilities tab of the Images page.
From the vulnerability detailed view, which appears when you click the vulnerability name:
- Suppress or unsuppress the vulnerability or change the expiration of an existing acknowledgement. Once you suppress the vulnerability, it is removed from the list.
- Open the NVD (National Vulnerability Database) web page on the vulnerability (if available)
- Open the software vendor's web page on the vulnerability (if available)
By clicking on an entry under the vShield Status column:
By clicking on an entry under the Suppression column:
- Suppress or unsuppress the vulnerability or change the expiration of an existing acknowledgement. Once you suppress the vulnerability, it is removed from the list.