Vulnerability Catalog
The Vulnerability Catalog page provides a comprehensive view of all vulnerabilities identified within a selected application. You can view, search, sort, filter, and change the status of these vulnerabilities.
The following summary widgets offer a quick overview of the vulnerability data.
- Unique Vulnerabilities: Displays the total number of distinct vulnerabilities. Each unique vulnerability may have multiple instances, but it is counted only once in this summary.
- Severity Distribution: Displays the count of vulnerabilities based on their severity levels.
- Compliance Issues: Indicates the number of vulnerabilities that are related to OWASP or SANS standards.
- Resolved Vulnerabilities: Displays the number of vulnerabilities that have been resolved. A vulnerability is considered resolved when its status is changed to one of the following: fixed, false positive, removed, or risk accepted.
You can perform the following actions within the Vulnerability Catalog.
- Choose an application from the Application Name dropdown to view its specific vulnerabilities.
- Use the Search bar to find vulnerabilities by name or other criteria. Additionally, you can add filterable columns to search for vulnerabilities based on specific fields.
- Click Export and select either CSV or JSON to save the list of vulnerabilities in the desired format.
- Apply filters to narrow down the list of vulnerabilities based on various criteria, such as severity, status, or compliance. See Filtering Vulnerabilities.
- View vulnerability details. See Viewing Vulnerability Details.
- Modify the status of vulnerabilities. See Modifying the Vulnerability Status.
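The summary widgets above can be recomputed offline from a JSON export, which is useful for cross-checking the catalog or feeding the counts into a dashboard. The following is an added example, not part of this documentation or the product; it assumes the exported records carry the catalog's column names as keys (the page does not specify the export schema) and treats Title plus CWE as the key for a unique vulnerability, using the resolved statuses exactly as defined above.

```python
import json
from collections import Counter

# Statuses the catalog treats as "resolved" (from the Resolved Vulnerabilities definition).
RESOLVED_STATUSES = {"fixed", "false positive", "removed", "risk accepted"}

# Constructed sample of a JSON export. Field names are ASSUMED to mirror the
# catalog's column names; the real export schema is not given on the page.
SAMPLE_EXPORT = json.dumps([
    {"Finding ID": "f-1", "Title": "SQL injection", "Severity": "Critical", "Status": "open",
     "Scanner": "SAST", "CWE": "CWE-89", "OWASP": "A03:2021", "SANS": "SANS-3"},
    {"Finding ID": "f-2", "Title": "SQL injection", "Severity": "Critical", "Status": "fixed",
     "Scanner": "SAST", "CWE": "CWE-89", "OWASP": "A03:2021", "SANS": "SANS-3"},
    {"Finding ID": "f-3", "Title": "Hardcoded secret", "Severity": "High", "Status": "risk accepted",
     "Scanner": "Secrets", "CWE": "CWE-798", "OWASP": "", "SANS": ""},
    {"Finding ID": "f-4", "Title": "Outdated dependency", "Severity": "Medium", "Status": "open",
     "Scanner": "SCA", "CWE": "CWE-1104", "OWASP": "A06:2021", "SANS": ""},
])


def summarize(export_json: str) -> dict:
    """Recompute the four summary widgets from an exported finding list."""
    findings = json.loads(export_json)
    # ASSUMPTION: two findings with the same Title and CWE are instances of one
    # unique vulnerability, so they count once here (as the widget describes).
    unique = {(f["Title"], f["CWE"]) for f in findings}
    # Severity is counted per finding record.
    severity = Counter(f["Severity"] for f in findings)
    # A compliance issue is any finding mapped to an OWASP or SANS category.
    compliance = sum(1 for f in findings if f.get("OWASP") or f.get("SANS"))
    resolved = sum(1 for f in findings if f["Status"].lower() in RESOLVED_STATUSES)
    return {
        "unique_vulnerabilities": len(unique),
        "severity_distribution": dict(severity),
        "compliance_issues": compliance,
        "resolved_vulnerabilities": resolved,
    }


if __name__ == "__main__":
    print(json.dumps(summarize(SAMPLE_EXPORT), indent=2))
```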
The following fields are displayed for each vulnerability. The vulnerabilities are grouped by severity. To customize the visible columns, hover over the first column header and click the gear icon. From the displayed menu, select or deselect the column names you want to add or remove.
- Severity: The level of risk associated with the vulnerability.
- Title: A brief description of the vulnerability.
- Status: The current status of the vulnerability.
- Scanner: The type of scanner that detected the vulnerability.
- CWE: The Common Weakness Enumeration (CWE) identifier that categorizes the vulnerability.
- Similar Occurrences: The number of times this vulnerability has been detected in other applications or environments.
- Source File: The specific file within the application where the vulnerability was found.
- CVE: The Common Vulnerabilities and Exposures (CVE) identifier, if applicable.
- Finding ID: A unique identifier assigned to the vulnerability.
- FortiGuard Outbreaks: Indicates whether the vulnerability is associated with any known FortiGuard outbreak alerts.
- Last Scanned: The date and time of the last scan that detected the vulnerability.
- Line Number: The specific line within the source file where the vulnerability was identified.
- OWASP: The OWASP category.
- SANS: The SANS Top 25 category.
- Supply Chain Threats: Indicates whether the vulnerability is associated with supply chain threats.