Exposure Management
Understanding a vulnerability
Clicking any row in the vulnerabilities list opens the Vulnerability Details panel on the right. It gathers everything you need to understand one finding and decide what to do about it — how serious it is, what it is, how to fix it, and which of your assets it touches.
What it's for
- Judge severity and urgency at a glance from the severity badge and any active-threat signals.
- Read the finding in full — a plain description of the issue and the recommended fix.
- See the blast radius — the exact list of assets affected, so you know how wide the fix needs to go.
The screens in it
The detail panel opens beside the list without leaving the page, so you can move from row to row and keep your filters. Click a different row to load its details; click the close (×) button to dismiss the panel and return to the full-width list.
This panel opens from the Plugin (Unique) and All Instances views. In the Hostname, IP Address, and CVE grouped views, rows aren't clickable. In the Finding Layer view, clicking a row switches to the Plugin view filtered to that layer instead of opening this panel. See Finding and filtering vulnerabilities for the full breakdown by grouping mode.
Every part of the panel explained
The panel is read top to bottom. Sections only appear when the finding has that information.
| Section | What it tells you |
|---|---|
| Title & severity | The vulnerability's name, a colored severity badge (Critical, High, Medium, Low, or Info), and its identifier. |
| CVE | The linked CVE identifier. Click it to open the public entry in the National Vulnerability Database in a new tab. |
| Watch | A control next to the CVE that lets you follow it — you're notified when there's activity on that CVE. |
| Finding Layer | Whether the finding is an Operating System or Application issue (or Unclassified), plus how that was determined and how confident the classification is. A Conflict marker appears when sources disagree. |
| Description | A plain-language explanation of what the vulnerability is. |
| Solution | The recommended fix or remediation guidance. |
| Affected Assets | A count and a scrollable list of every asset the finding was found on, each with its hostname and IP address. |
A finding only shows the sections it has data for. A vulnerability with no recorded CVE, for example, simply won't show the CVE section — that's expected, not an error.
The severity badge
The severity badge is color-coded so you can read urgency instantly:
- Critical and High are the findings that most need attention.
- Medium and Low are lower-priority.
- Info is informational and usually needs no action.
Severity here matches the severity shown for the same finding in the list, so what you filter on and what you read always agree.
Common workflows
Workflow: investigate a finding and open its CVE
-
In the vulnerabilities list, click the row you want to look at. The Vulnerability Details panel opens on the right.
Step 1 — a finding selected, details open on the right -
Read the Description and Solution to understand the issue and its fix.
-
Click the CVE link to open the full public entry in a new tab for deeper background.
Step 2 — the CVE link in the detail panel -
(Optional) Use the Watch control beside the CVE to be notified of future activity on it.
Workflow: understand how widely a finding spreads
-
Open a finding's detail panel from the list.
-
Scroll to Affected Assets. The heading shows the total count.
-
Review the list of hostnames and IP addresses to gauge how much of your environment the fix needs to reach.
Step 3 — the Affected Assets list for a finding -
Return to the list and use Group By → Hostname (or Rescan Affected) to act across those assets. See Finding and filtering vulnerabilities.