Create Issues from Inferred CVEs

ASM pulls in CVE details from Vulnerability Intelligence and can be configured to create Issues from Inferred CVEs. To create Issues from Inferred CVEs, follow these steps:  

  1. In ASM, navigate to Collections > Settings.
  2. Click Settings associated with a Collection. The Issue Settings tab opens.
  3. Click the Inferred CVEs toggle to the on position.

ℹ️

If the Inferred CVEs as Issues option is not enabled, Inferred CVEs appear only on the Entity.

  4. Click Settings to configure the options that you want to use to create Issues:

  • Create Issue if exploited in the wild: Exploitation has been observed in the wild.
    • Optional: Assign Critical severity to these Issues 
  • Create Issue when exploit exists: Exploit or PoC code is publicly available, or underground discussions, alleged selling, or alleged privately held code are observed.
    • Optional: Assign Critical severity to these Issues
  • Create Issue when CVSS v3 score is above the following: Choose a minimum score threshold at which to generate Issues.

> ℹ️
>
> Issue severity is based on the CVSS ranges from [NIST NVD](https://nvd.nist.gov/vuln-metrics/cvss). 
> 
> **Issue Severity Based on CVSS v3 Score**
>
> | Severity                              | Ranges     |
> | :------------------------------------ | :--------- |
> | Critical                              | 9.0 - 10.0 |
> | High                                  | 7.0 - 8.9  |
> | Medium                                | 4.0 - 6.9  |
> | Low                                   | 0.1 - 3.9  |
> | None (Informational)                  | 0.0        |
> 
> For more detailed information, see [ASM Issue Severity Definitions and Examples](doc:issues-severity-definitions).

  5. Click Save.

  • Setting Inferred CVEs as Issues to off prevents new Inferred CVE Issues from being created. Existing Issues initially generated by Inferred CVEs continue to show up on the Issues page as Inactive Issues.
  • When toggling this feature Off, you must then Scan Collection for these changes to take effect.

Examples of Issues created from Inferred CVEs

Issues created from Inferred CVEs include Inferred CVE in their name and a Potential Confidence assignment.

ℹ️

  • To return all Issues created from Inferred CVEs, search Issues using the keyword inferred.
  • To return all Entities with Inferred CVEs, search Entities using the Entities with Inferred CVEs search option.

Issues Created from Entity IC-Score

Entities with IC-Score

Inferred CVEs Linked to Threat Intelligence

When available, the Inferred CVEs populate on URI and Network Entity Pages. 

Issues with CVEs Linked to Threat Intelligence