Skip to main content

View vulnerabilities in OneView

In Malwarebytes OneView, use the Vulnerabilities page to view important security information for detected vulnerabilities across your sites and managed endpoints. Vulnerabilities are detected daily across operating systems and software applications, it's important to monitor this page to ensure your environment is protected. Vulnerability data is stored and displayed for up to 90 days prior across all endpoints. 

Use Vulnerability and Patch Management to to install available software updates and system patches to keep endpoints protected. For more information, see Configure Vulnerability and Patch Management in OneView.

To view vulnerabilities, click Monitor Vulnerabilities. Endpoint vulnerabilities display.

Watch this video for an overview of the vulnerabilities page in OneView. 

Endpoint information

The following information is displayed for each endpoint vulnerability.

Column Description
Application Detected application name with the vulnerability.
CISA recommended
  • Shows if the vulnerability is found in the CISA managed catalog of known exploited vulnerabilities. 
  • Provides a link to the CISA catalog for the vulnerability if recommended in the column. 
CVE
  • Shows the CVE number as reported in the National Vulnerability Database.
  • Click on the CVE number to view additional vulnerability information and recommended remediation steps. 
Description Description of the vulnerability and how it is used to exploit the application. 
Endpoint Host name of the vulnerable endpoint.
Identified date Date the vulnerability was detected on the endpoint.
OS Operating system of the endpoint.
OS type Type of operating system installed on the endpoint.
Severity

Severity level of the detected vulnerability. Severity is set using the CVSS standard. For more information, see CVSS Score System

  • Unknown: Vulnerability was not found in the CISA catalog or NIST database
  • Low: Vulnerability detected and scored as low severity in the CVSS system. 
  • Medium: Vulnerability detected and scored as medium severity in the CVSS system. 
  • High: Vulnerability detected and scored as high severity in the CVSS system. 
  • Critical: Vulnerability detected and scored as critical severity in the CVSS system. 
Site OneView Site name assigned to the endpoint with the vulnerability.
Vendor Vendor name of the installed software which is vulnerable.

Filter vulnerabilities

The Vulnerabilities table helps you manage the available information pulled from your endpoints. Use filters within this table to sort your vulnerability information into specified results. 

Customize data in the results list in the following ways:

  • Reset filters: In the upper-right corner of the page, click Reset filters Reset_Filters.png to go back to the default filter settings.
  • Add / Remove Columns: In the top-right of the table, click Add / Remove Columns to customize the table columns.
  • Column pinning and auto-sizing: Next to a column header, click the filter Column_Pinning.png button to display a checkbox list of different sub-filters you can apply. Click the filter Column_Pinning.png tab to pin or auto size for the selected column.
  • Right-click menu: In the table, click and drag to select and highlight a section of the table. Right-click on your selected information to copy or export a .csv or an .xlsx file.
  • Select all: Click the checkbox next to the CVE column header.

Export data

Download your vulnerability information to your local machine for auditing purposes or external reporting. 

  1. Select all or check specific boxes for the rows you want to export.
  2. At the top-right of the Vulnerabilities page, click the ellipsis icon Capture.PNG.
  3. Click Download .csv or Download .xlsx to export your data.

 

Return to Malwarebytes OneView Vulnerability Assessment guide.

Related articles