# Vulnerability Management

The Vulnerabilities page displays the complete details of all the vulnerabilities identified in the applications. The page displays the following panels:

* [Vulnerability Prioritization](#vulnerability-prioritization)
* [Vulnerability Enrichment](#vulnerability-enrichment)

### Vulnerability Prioritization

The vulnerability prioritization panel displays the vulnerabilities in the form of graphs. Vulnerabilities are given prioritization ranks based on Exploit Prediction Scoring System (EPSS), the Common Vulnerability Scoring System (CVSS), and the Knowledge of Exploit Vulnerability (KEV).

**EPSS**

EPSS is a predictive model that analyzes the risk level of the vulnerability being exploited in the future. It evaluates the complexity of exploitation, the existence of publicly available exploits, and the potential impact of an exploit. By analyzing these elements, EPSS assigns a score that indicates the risk level associated with a vulnerability.

**CVSS**

CVSS is a framework for assessing the severity of vulnerabilities. It provides a standardized method for evaluating vulnerabilities based on various metrics, such as exploitability, impact, and complexity. The CVSS score, ranging from 0 to 10, helps you to prioritize the response efforts by identifying the most critical vulnerabilities.

**KEV**

KEV, or Knowledge of Exploit Vulnerability, refers to the availability of information about a vulnerability and its associated exploits. A high KEV indicates that detailed information about the vulnerability is publicly available, increasing the likelihood of exploitation. By considering KEV alongside EPSS and CVSS scores, you can gain a more comprehensive understanding of the risk posed by a vulnerability.

Based on these three inputs, each vulnerability is ranked into one of the following six priority categories:

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2FKF2NBZiCTEllIqTOFiwE%2Fvulnerabilities%20prioriti.png?alt=media&#x26;token=bace9378-0186-4b53-88c5-1667857d8eeb" alt=""><figcaption></figcaption></figure>

* **Priority 1+** - Top priority. These vulnerabilities are listed in CISA's Known Exploited Vulnerabilities catalog and represent a real, active threat.
* **Priority 1** - (Upper right quadrant) - Critical vulnerabilities that are most likely to be exploited. A vulnerability is placed in Priority 1 when its CVSS score is greater than 6 and its EPSS score is greater than 0.2.
* **Priority 2** - (Bottom right quadrant) - Vulnerabilities that may cause serious impact but are much less likely to be exploited. A vulnerability is placed in Priority 2 when its CVSS score is greater than 6 and its EPSS score is less than 0.2.
* **Priority 3** - (Upper left quadrant) - Vulnerabilities that are more likely to be exploited but would not cause serious impact. A vulnerability is placed in Priority 3 when its CVSS score is less than 6 and its EPSS score is greater than 0.2.
* **Priority 4** - (Bottom left quadrant) - Vulnerabilities that are less likely to be exploited and would not cause serious impact. A vulnerability is placed in Priority 4 when its CVSS score is less than 6 and its EPSS score is less than 0.2.
* **Unprioritized** - Vulnerabilities that do not fall into any of the five priority categories above are reported as unprioritized.

{% hint style="info" %}

* You can download the vulnerability data as .json, .pdf or .csv files.
{% endhint %}
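The following Python snippet is an added example, not code from the product or its documentation, that turns the priority rules above into a small classifier so the categories can be checked against concrete scores. It assumes the rules are evaluated in the order listed (CISA KEV membership first, then the CVSS/EPSS quadrants), and that a vulnerability with a missing score, or a score that sits exactly on a threshold (CVSS of 6 or EPSS of 0.2), is left Unprioritized because none of the four quadrant rules uses "greater than or equal to". The `Vulnerability` dataclass, the function names and the sample CVE identifiers are all constructed for this example.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

# Thresholds exactly as the priority rules state them.
CVSS_THRESHOLD = 6.0
EPSS_THRESHOLD = 0.2


@dataclass
class Vulnerability:
    cve: str
    cvss: Optional[float]        # None when no CVSS score is available yet
    epss: Optional[float]        # None when no EPSS score is available yet
    in_cisa_kev: bool = False    # True if the CVE is in CISA's Known Exploited Vulnerabilities catalog


def prioritize(v: Vulnerability) -> str:
    """Return the priority bucket for one vulnerability, applying the rules in order."""
    # Priority 1+ is decided by catalog membership alone, before any score is looked at.
    if v.in_cisa_kev:
        return "Priority 1+"
    # Without both scores the vulnerability cannot be placed on the CVSS/EPSS grid.
    if v.cvss is None or v.epss is None:
        return "Unprioritized"
    if v.cvss > CVSS_THRESHOLD and v.epss > EPSS_THRESHOLD:
        return "Priority 1"   # upper right quadrant
    if v.cvss > CVSS_THRESHOLD and v.epss < EPSS_THRESHOLD:
        return "Priority 2"   # bottom right quadrant
    if v.cvss < CVSS_THRESHOLD and v.epss > EPSS_THRESHOLD:
        return "Priority 3"   # upper left quadrant
    if v.cvss < CVSS_THRESHOLD and v.epss < EPSS_THRESHOLD:
        return "Priority 4"   # bottom left quadrant
    # A score that sits exactly on a threshold matches none of the quadrant rules (assumption).
    return "Unprioritized"


def bucket_counts(vulns: List[Vulnerability]) -> Dict[str, int]:
    """Count vulnerabilities per bucket; these are the numbers a prioritization graph would plot."""
    counts: Dict[str, int] = {}
    for v in vulns:
        bucket = prioritize(v)
        counts[bucket] = counts.get(bucket, 0) + 1
    return counts


# Constructed sample data; the CVE identifiers are placeholders, not real vulnerabilities.
SAMPLE = [
    Vulnerability("CVE-0000-0001", cvss=9.8, epss=0.90, in_cisa_kev=True),  # Priority 1+
    Vulnerability("CVE-0000-0002", cvss=8.1, epss=0.50),                    # Priority 1
    Vulnerability("CVE-0000-0003", cvss=7.5, epss=0.01),                    # Priority 2
    Vulnerability("CVE-0000-0004", cvss=5.3, epss=0.40),                    # Priority 3
    Vulnerability("CVE-0000-0005", cvss=4.0, epss=0.02),                    # Priority 4
    Vulnerability("CVE-0000-0006", cvss=6.0, epss=0.50),                    # sits on the CVSS threshold
    Vulnerability("CVE-0000-0007", cvss=None, epss=0.30),                   # no CVSS score yet
]

if __name__ == "__main__":
    for v in SAMPLE:
        print(f"{v.cve}: {prioritize(v)}")
    print(bucket_counts(SAMPLE))
```

The two trailing cases in `SAMPLE` are the ones worth watching in practice: a newly published CVE often has no EPSS or CVSS score for a few days, and a score exactly on a threshold is rare but not impossible, so a dashboard that silently drops such items into Unprioritized can hide a vulnerability that deserves review.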

### Vulnerability Enrichment

The vulnerability enrichment panel displays the vulnerabilities grouped by the Exploitation, Automatable and Technical Impact categories.

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2FzvKS2SwXNjAGuCqK28It%2Fvulnerabilities%20%20enrich.png?alt=media&#x26;token=ea3b22f4-b9d4-4ed1-8295-368e1de7cce7" alt=""><figcaption></figcaption></figure>

### Top 5 Vulnerabilities

Expanding the **Top 5 Vulnerabilities** tab displays the five most critical, highest-priority vulnerabilities for the selected application along with their CVSS values.

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2F8DP936sQUGlvNhBsXFjo%2Fvulnerabilities%20report.png?alt=media&#x26;token=7292e7d0-6705-4015-8916-70c69a434db2" alt=""><figcaption></figcaption></figure>

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2FKPFtiJnX4PM3Zi7JOAOU%2Fimage.png?alt=media&#x26;token=26d4ac73-cb1a-4295-9138-4b5ba430a539" alt=""><figcaption></figcaption></figure>

### Vulnerability Deduplication

To avoid duplication of vulnerabilities, components impacted by the same CVE are grouped and displayed together.

In the example shown below, the components that are impacted by CVE-2024-22262 are grouped under it.

<figure><img src="https://lh7-us.googleusercontent.com/docsz/AD_4nXe-HCwrB3gZBS7S-eTaXTGEkJexoS6CSruOP0OkX6PGrPI0JJtdlI1q1fh92wWzFuiriR4qisklY9V0Z2gJbVq_Bdf6vnpWmUkxGEUf2cr22GwwZNCUZARGZOwyNiWTpfOKAsvYxV74c1RLfSAB84Ob1j9W?key=RK3SZlo7OVlIiJdDiuxpwQ" alt=""><figcaption></figcaption></figure>

On clicking the CVE, a popup is displayed. The **Show impacted components** section displays the total number of components impacted by the selected CVE.

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2FjkpE6sjUTQ5iZydhuCKR%2Fvulnerabilities%20impacted%20.png?alt=media&#x26;token=712b171c-7608-4122-be7b-3ee7e37c1981" alt=""><figcaption></figcaption></figure>

By expanding this section, all the components that are impacted are displayed as shown below:

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2FCwDU1UzWqsKUjUvG2F30%2Fvulnerabilities%20impacted%202.png?alt=media&#x26;token=f4e73931-cd03-40e7-88d1-b2815fd953de" alt=""><figcaption></figcaption></figure>
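As an added example (not the product's own code) that covers both the **Top 5 Vulnerabilities** tab and the deduplication view above, the following Python collapses raw per-component findings into one entry per CVE, reports the impacted-component count and the expanded component list for a CVE, and picks the top five CVEs by CVSS. The findings, artifact and component names and CVE identifiers are constructed placeholders, and ordering the top five by CVSS alone is an assumption, since the page does not state the exact ranking the product applies.

```python
from typing import Dict, List

# Constructed sample findings, one row per component affected in each scanned artifact.
# Artifact names, component names, CVE identifiers and CVSS values are placeholders.
FINDINGS = [
    {"artifact": "web-frontend:1.4", "component": "libfoo 1.2.3", "cve": "CVE-0000-0001", "cvss": 9.8},
    {"artifact": "web-frontend:1.4", "component": "libbar 2.0.0", "cve": "CVE-0000-0001", "cvss": 9.8},
    {"artifact": "api-server:3.1", "component": "libfoo 1.2.3", "cve": "CVE-0000-0001", "cvss": 9.8},  # same component, second artifact
    {"artifact": "api-server:3.1", "component": "libbaz 0.9.1", "cve": "CVE-0000-0002", "cvss": 7.5},
    {"artifact": "api-server:3.1", "component": "libqux 4.4.0", "cve": "CVE-0000-0003", "cvss": 5.3},
    {"artifact": "web-frontend:1.4", "component": "libfoo 1.2.3", "cve": "CVE-0000-0004", "cvss": 8.1},
    {"artifact": "worker:2.0", "component": "libbar 2.0.0", "cve": "CVE-0000-0005", "cvss": 4.0},
    {"artifact": "worker:2.0", "component": "libquux 1.0.0", "cve": "CVE-0000-0006", "cvss": 6.5},
]


def group_by_cve(findings: List[dict]) -> Dict[str, dict]:
    """Collapse per-component findings into one entry per CVE.

    Each entry keeps the CVSS score and the distinct set of impacted components, so a
    component hit by the same CVE in two artifacts is counted once, not twice.
    """
    grouped: Dict[str, dict] = {}
    for f in findings:
        entry = grouped.setdefault(f["cve"], {"cvss": f["cvss"], "components": set()})
        entry["components"].add(f["component"])
        entry["cvss"] = max(entry["cvss"], f["cvss"])  # one CVSS per CVE; keep the highest seen
    return grouped


def impacted_component_count(grouped: Dict[str, dict], cve: str) -> int:
    """The number shown in the collapsed 'Show impacted components' section for one CVE."""
    return len(grouped[cve]["components"])


def impacted_components(grouped: Dict[str, dict], cve: str) -> List[str]:
    """The expanded list of impacted components, sorted for a stable display order."""
    return sorted(grouped[cve]["components"])


def top_vulnerabilities(grouped: Dict[str, dict], n: int = 5) -> List[str]:
    """Top-N CVEs by CVSS, highest first (assumption: the product's exact ordering is not stated)."""
    return sorted(grouped, key=lambda cve: grouped[cve]["cvss"], reverse=True)[:n]


if __name__ == "__main__":
    grouped = group_by_cve(FINDINGS)
    print(f"{len(FINDINGS)} raw findings collapse to {len(grouped)} CVEs")
    for cve in top_vulnerabilities(grouped):
        count = impacted_component_count(grouped, cve)
        print(f"{cve} CVSS {grouped[cve]['cvss']}: {count} impacted -> {impacted_components(grouped, cve)}")
```

Grouping on the CVE identifier alone is what keeps the count honest: the same `libfoo 1.2.3` appearing in two artifacts under the same CVE is one impacted component, while the same library appearing under a second CVE is correctly listed under both.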

### JIRA Automation

JIRA tickets can be created for vulnerabilities either automatically or manually. If a vulnerability with a security issue is of Critical or High severity, the Jira ticket is created automatically. For other severities, you can create the ticket manually by using the **Create Jira Ticket** option in the vulnerability details popup.

#### Creating JIRA Ticket

To create a JIRA ticket manually, follow the steps given below:

* Expand the **Show impacted components** drop down. The list of all the components impacted by the selected vulnerability is displayed.

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2F12h9omGvv48l5iWhYkuG%2Fvulnerabilities%20impacted%202.png?alt=media&#x26;token=a0503d1e-36e4-40b6-a197-d187e2cd72d2" alt=""><figcaption></figcaption></figure>

* Click the **Actions** column.

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2F6wdOP9bcO7YKgi3gboYy%2Fvulnerabilty%20create%20jira.png?alt=media&#x26;token=1ac16e4f-0613-4d2e-94e5-a380facf6c64" alt=""><figcaption></figcaption></figure>

* Click the **Create Jira Ticket** option.
* An option to create the Jira ticket is displayed. Click **Create**.

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2FQezOJrct8HolEpujz4FF%2Fcteare%20jira.png?alt=media&#x26;token=1bd45b04-d1e8-4221-ac2e-11059c73158a" alt=""><figcaption></figcaption></figure>

### Smart Search

The smart search option on the Vulnerabilities details page is used to search for specific components based on Artifact, Component, Severity or Vulnerability.

* Click in the **Search** dropdown. The available search options are displayed.

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2FWSLo37ciyqPpUmVCs29k%2Fvulnerability%20search.png?alt=media&#x26;token=5df9fa51-12f2-48d7-8956-8191a425138a" alt=""><figcaption></figcaption></figure>

* Select the required option. A dropdown with the values specific to the selected option is displayed. For example, **Vulnerability** is selected as the search option below:

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2FJEB1MvOQQJDDOzv2NN1f%2Fvulnerability%20search%202.png?alt=media&#x26;token=1b8c093e-80d3-457c-af6b-55bb8d8eb54d" alt=""><figcaption></figcaption></figure>

* Select the specific vulnerability value for which you want to find the components, and press **Enter**. The components with the selected vulnerability are displayed.

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2FOfIzREZ6ncCRTCvnhtit%2Fvulnerability%20search%203.png?alt=media&#x26;token=d41720bf-2b18-4479-9135-ce4deaca7121" alt=""><figcaption></figcaption></figure>

* The displayed vulnerability page can be downloaded in .CSV, .JSON or .PDF format by clicking the **Download** button at the top right corner, as shown below:

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2F91nfL6ZuCv6xiGG9xU4L%2Fvulnerability%20search%204.png?alt=media&#x26;token=304db060-b6b9-415e-805d-e17fd5579fc5" alt=""><figcaption></figcaption></figure>

Vulnerabilities can also be searched from the Application Dashboard page. The following example shows searching for applications based on **Vulnerability** on that page.

* Select **Vulnerability** from the search dropdown. Enter the vulnerability name as shown below and press **Enter**. The applications with the given vulnerability are displayed.

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2FvxT7lTq4L2w7qNJ51yeV%2Fapplication%20vulnerability.png?alt=media&#x26;token=4c1d0f5b-4572-4ff7-82b3-5da288d3dea7" alt=""><figcaption></figcaption></figure>

* Click an application to select it. The environment in which the vulnerability is found is highlighted, and the current deployments with the selected vulnerability are displayed as shown below.
* Click any **Vulnerability** count for the displayed active deployments.

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2FheN4BbLqcpkfQp5dGH2U%2Fapplication%20vulnerability%202.png?alt=media&#x26;token=15398788-df9c-4d1d-8198-51d828209abe" alt=""><figcaption></figcaption></figure>

* The vulnerability details page is displayed. Click search and select **Vulnerability** from the search options.
* Select the same vulnerability name from the displayed list. All the components of the selected current deployment that carry that vulnerability are displayed.
