Vulnerability information is available in the KnowledgeBase and when you click on a vulnerability title to expand details, such as from scan reports, remediation tickets, and host information.
Please note that not all vulnerability details listed below appear in all report formats.
QID. The Qualys ID number assigned to the vulnerability.
Category. The category the vulnerability is assigned to. See Vulnerability Categories for information.
CVE ID. If available, this is a link to the CVE name(s) associated with this vulnerability check. CVE (Common Vulnerabilities and Exposures) is a list of common names for publicly known vulnerabilities and exposures. Through open and collaborative discussions, the CVE Editorial board determines which vulnerabilities or exposures are included in CVE.
Vendor Reference. A reference number released by the vendor in regards to the vulnerability, such as a Microsoft Security Bulletin like MS03-046. This may be a link directly to the vendor's web site.
Bugtraq ID. The Bugtraq ID number assigned to the vulnerability by SecurityFocus, a vendor-neutral web site that provides security information to members of the security community. Select the Bugtraq ID to link directly to the SecurityFocus web site.
Service Modified. The date the vulnerability was last modified by the service. The Service Modified date is updated when any of the following attributes has changed: severity level, threat description, impact description, solution description, patch availability, CVSS base score, CVSS temporal score, authentication requirement, or PCI relevance.
User Modified. The date the vulnerability was last modified by a user. The User Modified date appears when a user has updated any of the following attributes: severity level, threat comment, impact comment or solution comment.
Edited. Identifies whether this vulnerability was edited by a Manager user. "Yes" indicates that the vulnerability was edited. "No" indicates that the vulnerability was not edited.
PCI Vuln. Indicates whether this vulnerability must be fixed to pass a PCI compliance scan. This information helps users to determine whether the vulnerability must be fixed to meet PCI compliance goals, without having to run additional PCI compliance scans. "Yes" indicates that the vulnerability must be fixed to pass PCI compliance. "No" indicates that the vulnerability does not need to be fixed to pass PCI compliance.
<LAST_UPDATE>. (XML format only) The date the vulnerability was last modified by the service. This date appears in the <LAST_UPDATE> element. This date is updated when any of the following attributes has changed: severity level, threat description, impact description, solution description, patch availability, CVSS base score, CVSS temporal score, authentication requirement, or PCI relevance.
CVSS Base. The CVSS Base score represents the fundamental, unchanging qualities of the vulnerability. This score is displayed only when the CVSS Scoring feature is enabled for the subscription. The CVSS Base score that is displayed was provided by NIST, unless the score is marked with the footnote [1].
The footnote [1] indicates that the CVSS Base score that is displayed for the vulnerability is not supplied by NIST. When the service looked up the latest NIST score for the vulnerability, as published in the National Vulnerability Database (NVD), NIST either listed the CVSS Base score as 0 or did not provide a score in the NVD. In this case, the service determined that the severity of the vulnerability warranted a higher CVSS Base score. The score provided by the service is displayed.
CVSS Temporal. The CVSS Temporal score represents time dependent qualities of the vulnerability. This score is displayed only when the CVSS Scoring feature is enabled for the subscription. The CVSS Temporal score that is displayed was provided by the service.
Threat. A description of the threat posed by the vulnerability. The threat description is provided by the service.
Any Manager can append comments to the threat description by editing the vulnerability in the KnowledgeBase. Manager-provided comments appear under the heading "THREAT COMMENTS". In XML format, this heading appears in the <DIAGNOSIS> element.
Impact. A description of the impact or possible consequences that may occur if the vulnerability is successfully exploited. The impact description is provided by the service.
Any Manager can append comments to the impact description by editing the vulnerability in the KnowledgeBase. Manager-provided comments appear under the heading "IMPACT COMMENTS". In XML format, this heading appears in the <CONSEQUENCE> element.
Solution. A description of the suggested solution to fix the vulnerability. This may include a link to a patch, update, the vendor's Web site, or a workaround. The solution description is provided by the service. For template-based scan reports, the Solution may also include virtual patch information that is correlated with the vulnerability from Trend Micro real-time feeds. Virtual patch information only appears when both of these conditions are met: 1) this information is available in the KnowledgeBase, and 2) the option "Virtual Patches and Mitigating Controls" has been selected in your scan report template. Note: Virtual patch information never appears in scan results.
A Manager can append comments to the solution description by editing the vulnerability in the KnowledgeBase. Manager-provided comments appear under the heading "SOLUTION COMMENTS". In XML format, this heading appears in the <SOLUTION> element.
Compliance. This section displays compliance information associated with the vulnerability when available for the QID. Compliance types that may be listed include SOX, HIPAA, GLBA, CobIT and PCI. See Compliance Definitions to learn more.
Exploitability. This section provides exploitability information that is correlated with the vulnerability, when this information is available in the KnowledgeBase. Exploitability information gives users the ability to perform risk-oriented analysis of vulnerabilities and to further prioritize their remediation plans. The service constantly correlates exploitability information from real-time feeds to provide up to date references to exploits and related security resources.
Associated Malware. This section provides malware information that the service has correlated with the vulnerability, when this information is available in the KnowledgeBase. The service constantly correlates malware information obtained from Trend Micro Threat Encyclopedia real-time feeds to provide up to date references to malware threats and related security resources.
Results. Specific scan test results for the vulnerability, when returned by the scanning engine.
Last Scan Date. The last time the host was scanned.
First Detected. The date and time the vulnerability was first detected on the host.
Last Detected. The date and time the vulnerability was most recently detected on the host.
Times Detected. The total number of times the vulnerability was detected on the host.