Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • User Guide

    24.3.0
    24.3.a
    24.3.0
    24.2.0
    24.1.a
    24.1.0
    23.4.a
    23.4.0
    23.3.0
    23.2.a
    23.2.0
    23.1.a
    23.1.0
    22.4.a
    22.4.0
    22.1.0

    Vulnerability Catalog

    Vulnerability Catalog

    The Vulnerability Catalog page provides a comprehensive view of all vulnerabilities identified within a selected application. You can view, search, sort, filter, and change the status of these vulnerabilities.

    The following summary widgets offer a quick overview of the vulnerability data.

    • Unique Vulnerabilities: Displays the total number of distinct vulnerabilities. Each unique vulnerability may have multiple instances, but it is counted only once in this summary.

    • Severity Distribution: Displays the count of vulnerabilities based on their severity levels.

    • Compliance Issues: Indicates the number of vulnerabilities that are related to OWASP or SANS standards.

    • Resolved Vulnerabilities: Displays the number of vulnerabilities that have been resolved. A vulnerability is considered resolved when its status is changed to one of the following: fixed, false positive, removed, or risk accepted.

    You can perform the following actions within the Vulnerability Catalog.

    • Choose an application from the Application Name dropdown to view its specific vulnerabilities.

    • Use the Search bar to find vulnerabilities by name or other criteria. Additionally, you can add filterable columns to search for vulnerabilities based on specific fields.

    • Click Export and select either CSV or JSON to save the list of vulnerabilities in the desired format.

    • Apply filters to narrow down the list of vulnerabilities based on various criteria, such as severity, status, or compliance. See Filtering Vulnerabilities.

    • View vulnerability details. See Viewing Vulnerability Details.

    • Modify the status of vulnerabilities. See Modifying the Vulnerability Status

    The following fields are displayed for each vulnerability. The vulnerabilities are grouped by severity. To customize the visible columns, hover over the first column header and click the gear icon. From the displayed menu, select or deselect the column names you want to add or remove.

    • Severity: The level of risk associated with the vulnerability.

    • Title: A brief description of the vulnerability.

    • Status: The current status of the vulnerability.

    • Scanner: The type of scanner that detected the vulnerability.

    • CWE: The Common Weakness Enumeration (CWE) identifier that categorizes the vulnerability.

    • Similar Occurrences: The number of times this vulnerability has been detected in other applications or environments.

    • Source File: The specific file within the application where the vulnerability was found.

    • CVE: The Common Vulnerabilities and Exposures (CVE) identifier, if applicable.

    • Finding ID: A unique identifier assigned to the vulnerability.

    • FortiGuard Outbreaks: Indicates whether the vulnerability is associated with any known FortiGuard outbreak alerts.

    • Last Scanned: The date and time of the last scan that detected the vulnerability.

    • Line Number: The specific line within the source file where the vulnerability was identified.

    • OWASP: The OWASP category.

    • SANS: SANS Top 25 category.

    • Supply Chain Threats: Indicates whether the vulnerability is associated with supply chain threats.

    Previous
    Next

    Vulnerability Catalog

    Vulnerability Catalog

    The Vulnerability Catalog page provides a comprehensive view of all vulnerabilities identified within a selected application. You can view, search, sort, filter, and change the status of these vulnerabilities.

    The following summary widgets offer a quick overview of the vulnerability data.

    • Unique Vulnerabilities: Displays the total number of distinct vulnerabilities. Each unique vulnerability may have multiple instances, but it is counted only once in this summary.

    • Severity Distribution: Displays the count of vulnerabilities based on their severity levels.

    • Compliance Issues: Indicates the number of vulnerabilities that are related to OWASP or SANS standards.

    • Resolved Vulnerabilities: Displays the number of vulnerabilities that have been resolved. A vulnerability is considered resolved when its status is changed to one of the following: fixed, false positive, removed, or risk accepted.

    You can perform the following actions within the Vulnerability Catalog.

    • Choose an application from the Application Name dropdown to view its specific vulnerabilities.

    • Use the Search bar to find vulnerabilities by name or other criteria. Additionally, you can add filterable columns to search for vulnerabilities based on specific fields.

    • Click Export and select either CSV or JSON to save the list of vulnerabilities in the desired format.

    • Apply filters to narrow down the list of vulnerabilities based on various criteria, such as severity, status, or compliance. See Filtering Vulnerabilities.

    • View vulnerability details. See Viewing Vulnerability Details.

    • Modify the status of vulnerabilities. See Modifying the Vulnerability Status

    The following fields are displayed for each vulnerability. The vulnerabilities are grouped by severity. To customize the visible columns, hover over the first column header and click the gear icon. From the displayed menu, select or deselect the column names you want to add or remove.

    • Severity: The level of risk associated with the vulnerability.

    • Title: A brief description of the vulnerability.

    • Status: The current status of the vulnerability.

    • Scanner: The type of scanner that detected the vulnerability.

    • CWE: The Common Weakness Enumeration (CWE) identifier that categorizes the vulnerability.

    • Similar Occurrences: The number of times this vulnerability has been detected in other applications or environments.

    • Source File: The specific file within the application where the vulnerability was found.

    • CVE: The Common Vulnerabilities and Exposures (CVE) identifier, if applicable.

    • Finding ID: A unique identifier assigned to the vulnerability.

    • FortiGuard Outbreaks: Indicates whether the vulnerability is associated with any known FortiGuard outbreak alerts.

    • Last Scanned: The date and time of the last scan that detected the vulnerability.

    • Line Number: The specific line within the source file where the vulnerability was identified.

    • OWASP: The OWASP category.

    • SANS: SANS Top 25 category.

    • Supply Chain Threats: Indicates whether the vulnerability is associated with supply chain threats.

    Previous
    Next