Problems
- Ryan Seymour
You can find this module at the Global and Company levels.
In summary, these are the vulnerabilities and issues identified by the ConnectSecure scan agent(s). To enhance the understanding and communication of the types of vulnerabilities detected, problems are automatically organized into Problem Category groups. If you prefer to see everything, we have the All Vulnerabilities view as one of the problem groups.
Visit our YouTube Channel for more video content: https://www.youtube.com/@connectsecure
Table of Contents
Problems - Details
Access the Problems from the Assets category.
Problems are the automatic groups discovered vulnerabilities will go into instead of just the traditional lists that include the CVE and severity. We are trying to make it easier to identify the type of vulnerabilities and group them for easier reporting and remediation.
The Problems screen automatically describes the Problem Category Names and counts for each Problem Category are displayed in the number after the category name.
Problem Category Glossary of Terms
The system automatically classifies discovered vulnerabilities into the specific Problem Category Names in the table below.
Problem Category | Description |
|---|---|
All Vulnerabilities | Displays all discovered vulnerabilities for all categories |
Critical Severity Vulnerabilities | Displays critical-severity vulnerabilities only |
High Severity Vulnerabilities | Displays high-severity vulnerabilities only |
Medium Severity Vulnerabilities | Displays medium-severity vulnerabilities only |
Low Severity Vulnerabilities | Displays low-severity vulnerabilities only |
SMB Vulnerabilities | Displays the SMB protocol-related vulnerabilities |
SSL/TLS Vulnerabilities | Displays the SSL?TLS cipher/certificate-based vulnerabilities |
Remote Login Vulnerabilities | Displays the remote login-based vulnerabilities |
CISA Notified Vulnerabilities | Displays the CISA-classified vulnerabilities |
EPSS >= 0.95 | Displays the vulnerabilities where the EPSS score is greater than or equal to 95% |
EPSS Between 0.90 & 0.95 | Displays the vulnerabilities where the EPSS score is between .90 and .95% |
EPSS Between 0.90 & 0.85 | Displays the vulnerabilities where the EPSS score is between .90 and .85% |
Informational | Displays the vulnerabilities where the category is informational only; these do not carry a CVE or impact the risk score or asset scoring of the company |
This screen gives detailed information about the Problems. It lets you quickly sort and filter the data based on the Problem Category categories, affected companies, assets, and suppressed records.
Problem Name
This includes the unique CVE-ID or description of the vulnerability.
Click on the CVE-ID or Problem Name value to be directed to the source.
Example from above: https://nvd.nist.gov/vuln/detail/CVE-2012-3807
Description
Includes the description of the vulnerability.
Assets
Displays the count of Assets affected by the vulnerability.
Click on the number count to see the asset's IP, Host Name, Importance, and Company Name.
Severity
Displays the Severity category for the selected vulnerability.
ConnectSecure Score
This is used for End-of-Life scoring, which will be displayed as a 10 since security updates are no longer provided to the EOL software.
Otherwise, the ConnectSecure Score will simply be the same as the NVD Base Score (for any non-EOL)
NVD Scores
Displays scores based on the vulnerability, including Base, Impact, and Exploitability, from the National Vulnerability Database (NVD).
Companies
Displays the number of companies affected by the vulnerability.
Click on the number count to see assets by Company and Count.
Click on the number count to see asset IP, Host Name, Importance, and Company Name.
Clicking the asset IP will take you to the Asset Details view.
Suppressed Records
Tap here to view any Approved, Open, or Closed-out problems marked for suppression.
NOTE: If you suppress a single CVE-ID, it will also suppress any related or superseded CVE-IDs that are related, and these will show up in the Suppressed Records area.
Auto Suppressed
These problems have been automatically suppressed based on your Suppress Vulnerabilities Days settings, which are available at both company and global levels.
Global Settings x | Suppress Vulnerabilities Daysarchived
Company Settings | Suppress Vulnerabilities Daysarchived
Integration Actions
Tap on the three-dot Action menu, or, use the checkbox with Global Actions.
Global Problem View Switching - Global to Company
We have simplified switching between Global Problems and Company Problems by changing the Company value in the drop-down menu at the top right corner. Select any company, and the list will automatically update with filtered information.
Problems - Toolbar Options
Jobs
View the various system jobs.
Alerts
View our timeline style of System Events captured for each company. You can set an optional date filter range to target a specific date range of events.
Info
Tap here to view your V4 Getting Started Info.
https://cybercns.atlassian.net/wiki/x/MIDKfw
Help Link
Click to access the related documentation page; this link is functional on all screens and will take you to the appropriate documentation page.
Layout Settings
Here, you can change the UI look and feel using various options, including the Theme for color, the Scheme for dark and light mode, the Layout for toolbar and module positions, and the toggle to set the table view default.
Get Support
Our support team is here to help. Use one of three options to start a support request.
Email to support@connectsecure.com
Login to our Freshdesk partner portal at https://cybercns.freshdesk.com