Fortinet black logo

Administration Guide

Home FortiEDR/XDR 5.2.0 Administration Guide

Vulnerability

5.2.0
6.2.0
6.0.0
5.2.1
5.2.0
5.1.0
5.0.0
4.2.0
4.1.1
4.1.0
Copy Link
Copy Doc ID 30b84173-e130-11ec-bb32-fa163e15d75b:255973
Download PDF

Vulnerability

This option is only available to users who have purchased the Discover and Protect license or the Discover, Protect and Response license.

Each application in the application list also shows a vulnerability score.

FortiEDR categorizes applications/versions based on the Common Vulnerability Scoring System (CVSS) CVE scheme, which is commonly used worldwide. FortiEDR’s vulnerability scoring system provides a useful tool for vulnerability assessment, and enables you to review the weaknesses detected in your environment that could be exploited by attackers before they actually occur. Vulnerability assessment can be used together with virtual patching to block applications with known critical vulnerabilities, so that they cannot connect, until the system is patched for the CVEs listed.

FortiEDR categories vulnerabilities into the following categories based on National Vulnerability Database (NVD) severity ratings:

  • Unknown
  • Low
  • Medium
  • High
  • Critical

The Vulnerabilities area at the bottom right of the window lists the CVE-identified vulnerabilities for the selected application/version. Each CVE row includes the CVE identifier, the FortiEDR-assigned vulnerability Category and the CVSS vulnerability scores.

Note

CVSS scoring utilizes two systems: CVSS 3.0, the most recent, and CVSS 2.0, its predecessor. FortiEDR vulnerability information presents both CVSS 3.0 and CVSS 2.0 scores.s

You can click a CVE identifier link to view more details about that vulnerability in your browser, including the type of vulnerability, the application(s) it affects, the version(s) it affects and so on.

After a vulnerability is detected in your system, you can decide the type of the action needed to address it. Typically, it is recommended to upgrade to a newer version of the application, meaning one that does not have the identified vulnerability. Alternatively, virtual patching can be applied with vulnerability-based policy that is configured to block communication of any application with known critical vulnerability. For more details, see Policies. The information presented in the Advanced Data area of the window also provides useful information to help protect against vulnerabilities. For more details, Advanced Data.

Previous
Next

Vulnerability

This option is only available to users who have purchased the Discover and Protect license or the Discover, Protect and Response license.

Each application in the application list also shows a vulnerability score.

FortiEDR categorizes applications/versions based on the Common Vulnerability Scoring System (CVSS) CVE scheme, which is commonly used worldwide. FortiEDR’s vulnerability scoring system provides a useful tool for vulnerability assessment, and enables you to review the weaknesses detected in your environment that could be exploited by attackers before they actually occur. Vulnerability assessment can be used together with virtual patching to block applications with known critical vulnerabilities, so that they cannot connect, until the system is patched for the CVEs listed.

FortiEDR categories vulnerabilities into the following categories based on National Vulnerability Database (NVD) severity ratings:

  • Unknown
  • Low
  • Medium
  • High
  • Critical

The Vulnerabilities area at the bottom right of the window lists the CVE-identified vulnerabilities for the selected application/version. Each CVE row includes the CVE identifier, the FortiEDR-assigned vulnerability Category and the CVSS vulnerability scores.

Note

CVSS scoring utilizes two systems: CVSS 3.0, the most recent, and CVSS 2.0, its predecessor. FortiEDR vulnerability information presents both CVSS 3.0 and CVSS 2.0 scores.s

You can click a CVE identifier link to view more details about that vulnerability in your browser, including the type of vulnerability, the application(s) it affects, the version(s) it affects and so on.

After a vulnerability is detected in your system, you can decide the type of the action needed to address it. Typically, it is recommended to upgrade to a newer version of the application, meaning one that does not have the identified vulnerability. Alternatively, virtual patching can be applied with vulnerability-based policy that is configured to block communication of any application with known critical vulnerability. For more details, see Policies. The information presented in the Advanced Data area of the window also provides useful information to help protect against vulnerabilities. For more details, Advanced Data.

Previous
Next