View vulnerability libraries

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 1 minute to read

    • You can view vulnerability data imported from the National Vulnerability Database (NVD), Common Weakness Enumeration (CWE), or third-parties to decide whether to escalate a vulnerability group.

    Before you begin

    Role required: App-Sec Manager group

    Procedure

    1. Navigate to All > Application Vulnerability Response > for Libraries.

      The following libraries are available:

      Libraries Description
      NVD List of vulnerabilities found by NVD and includes security checklists, security-related software flaws, misconfigurations, product names, and impact metrics including exploits.
      CWE

      List of community-developed software weakness types.

      Each CWE record also includes an associated knowledge article that describes the weakness. You cannot escalate a vulnerability from the Common Weakness Enumerations screen, it is for reference only.
      Third-party List of imported third-party vulnerabilities in your instance. Contains a list of related references, vulnerable items, exploits, CWEs, and CVEs.
    2. Choose a library to view vulnerabilities.
      Example CWE vulnerability entry
      For information on specific fields, see Application Vulnerability fields.