Documentation

Inferred Vulnerabilities

An inferred vulnerability, or CVE, is a vulnerability identified through a passive check that recognizes a technology known to have a vulnerability associated with it. 

From the Attack Surface Management (ASM) Entities page, you can find CVEs in the following ways:

  • For a list of the Entities that have at least one CVE, search for vuln:cveEntities page showing vuln colon cve search results.
  • To locate URIs, the Entity type that is most likely to have CVEs, select the Uri filter.  Entities page showing a URI filter applied to a vuln colon cve search.

For information on exporting a specific search, see Exporting Search Results.

Select any Entity to bring up additional information. If there are any CVEs, they are shown on the Inferred CVEs tab.

The Inferred CVEs tab for a specific Entity.

Updated 3 months ago