Fortinet white logo
Fortinet white logo

EMS Administration Guide

Viewing the top 10 vulnerable endpoints with high risk vulnerabilities

Viewing the top 10 vulnerable endpoints with high risk vulnerabilities

To view the top 10 vulnerable endpoints with high risk vulnerabilities:
  1. Go to Dashboard > Vulnerability Scan. The Top 10 Vulnerable Endpoints With High Risk Vulnerabilities chart displays vulnerabilities per endpoint in a segmented bar graph and organized by severity.

    WIN-1F3BOCJBRAM has the following:

    • 15 Critical Vulnerabilities (red bar)
    • 17 High Risk Vulnerabilities (orange bar)
    • 17 Medium Risk Vulnerabilities (yellow bar)
    • 6 Low Risk Vulnerabilities (green bar)
  2. Do one of the following:
    1. Click the endpoint hostname. You can view a list of all vulnerabilities detected on that endpoint.

      Vulnerability

      Name of the vulnerability.

      Category

      Category of the vulnerability.

      Severity

      Severity level of the vulnerability.

      Patch Status

      You can click the Patch button to patch the selected vulnerability with the next Telemetry communication between FortiClient EMS and the endpoint.

      If a patch is already scheduled for the vulnerability, this column displays Scheduled.

      If the vulnerability must be patched manually, this column displays Manual Patch.

      FortiClient may be unable to detect and automatically patch the vulnerability due to one of the following reasons:

      • Third-party application vulnerabilities: incorrect or missing installation paths
      • OS vulnerabilities: Windows update service is disabled

      In these cases, EMS may incorrectly display the status of these vulnerabilities that were selected to be automatically patched as Scheduled instead of Failed.

      You can filter the list of vulnerable endpoints by any column by clicking the filter icon beside the desired heading. Enter the value to include in the filter. You can toggle the All/Any/Not button for the following options:

      • All: Display all files that match the set filter.
      • Any: Display any file that matches the set filter.
      • Not: Display only files that do not match the set filter.
    2. Click one of the sections of the vulnerability bar graph to view all vulnerabilities detected on the selected endpoint at the selected severity. The example displays all critical vulnerabilities for the selected endpoint. You can filter the list of vulnerabilities in the same way that you can filter the list of vulnerabilities in option a.

Viewing the top 10 vulnerable endpoints with high risk vulnerabilities

Viewing the top 10 vulnerable endpoints with high risk vulnerabilities

To view the top 10 vulnerable endpoints with high risk vulnerabilities:
  1. Go to Dashboard > Vulnerability Scan. The Top 10 Vulnerable Endpoints With High Risk Vulnerabilities chart displays vulnerabilities per endpoint in a segmented bar graph and organized by severity.

    WIN-1F3BOCJBRAM has the following:

    • 15 Critical Vulnerabilities (red bar)
    • 17 High Risk Vulnerabilities (orange bar)
    • 17 Medium Risk Vulnerabilities (yellow bar)
    • 6 Low Risk Vulnerabilities (green bar)
  2. Do one of the following:
    1. Click the endpoint hostname. You can view a list of all vulnerabilities detected on that endpoint.

      Vulnerability

      Name of the vulnerability.

      Category

      Category of the vulnerability.

      Severity

      Severity level of the vulnerability.

      Patch Status

      You can click the Patch button to patch the selected vulnerability with the next Telemetry communication between FortiClient EMS and the endpoint.

      If a patch is already scheduled for the vulnerability, this column displays Scheduled.

      If the vulnerability must be patched manually, this column displays Manual Patch.

      FortiClient may be unable to detect and automatically patch the vulnerability due to one of the following reasons:

      • Third-party application vulnerabilities: incorrect or missing installation paths
      • OS vulnerabilities: Windows update service is disabled

      In these cases, EMS may incorrectly display the status of these vulnerabilities that were selected to be automatically patched as Scheduled instead of Failed.

      You can filter the list of vulnerable endpoints by any column by clicking the filter icon beside the desired heading. Enter the value to include in the filter. You can toggle the All/Any/Not button for the following options:

      • All: Display all files that match the set filter.
      • Any: Display any file that matches the set filter.
      • Not: Display only files that do not match the set filter.
    2. Click one of the sections of the vulnerability bar graph to view all vulnerabilities detected on the selected endpoint at the selected severity. The example displays all critical vulnerabilities for the selected endpoint. You can filter the list of vulnerabilities in the same way that you can filter the list of vulnerabilities in option a.