Skip to main content

Manage vulnerabilities in Nebula

In Malwarebytes Nebula, Vulnerability Assessment shows vulnerabilities for installed software and operating systems on managed endpoints. Vulnerability data is stored and displayed for up to 90 days prior across all endpoints. 

TIP - To see the latest vulnerabilities identified on your endpoints, run or schedule an Inventory & Vulnerability Scan. For more information, see Configure Vulnerability Assessment in Nebula.

Here are the different methods to view vulnerabilities: 

Vulnerabilities tab

Navigate to the Vulnerabilities tab to view the vulnerabilities of a specific endpoint. To locate the Vulnerabilities tab:

  1. On the left navigation menu, go to Manage > Endpoints.
  2. Click an endpoint name to view the endpoint's properties.
  3. Click Vulnerabilities.

Vulnerabilities page

On the left navigation menu, go to Monitor > Vulnerabilities to view vulnerabilities across your environment.

Endpoint information

The following information is displayed for each endpoint vulnerability.

Column Description
Application Detected application name with the vulnerability.
CISA recommended
  • Shows if the vulnerability is found in the CISA managed catalog of known exploited vulnerabilities. 
  • Provides a link to the CISA catalog for the vulnerability if recommended in the column. 
CVE
  • Shows the CVE number as reported in the National Vulnerability Database.
  • Click on the CVE number to view additional vulnerability information and recommended remediation steps. 
Description Description of the vulnerability and how it is used to exploit the application. 
Endpoint Host name of the vulnerable endpoint.
Identified date Date the vulnerability was detected on the endpoint.
OS platform Operating system platform of the endpoint.
OS type Type of operating system installed on the endpoint.
Severity

Severity level of the detected vulnerability. Severity is set using the CVSS standard. For more information, see CVSS Score System

  • Unknown: Vulnerability was not found in the CISA catalog or NIST database
  • Low: Vulnerability detected and scored as low severity in the CVSS system. 
  • Medium: Vulnerability detected and scored as medium severity in the CVSS system. 
  • High: Vulnerability detected and scored as high severity in the CVSS system. 
  • Critical: Vulnerability detected and scored as critical severity in the CVSS system. 
Vendor Vendor name of the installed software which is vulnerable.

Manage vulnerabilities

If you have Patch Management, vulnerabilities can be patched from this page by updating software. To update software from this page:

  1. Click on the CVE number to view additional vulnerability details.
  2. Select all or check specific boxes for endpoints you wish to update software on.
  3. Click Update Software.
  4. In the confirmation window, click Update.

Endpoints page

On the Endpoints page, add a new column for a quick glance of the severity of CVEs for each endpoint. The following column is available:

  • CVEs by severity: Shows the amount of Common Vulnerabilities and Exposures (CVE) by their severity. Hover over the diagram for a breakdown of vulnerabilities by severity.

Return to Malwarebytes Nebula Vulnerability Assessment guide.

Related articles