Vulnerabilities

By clicking on the Vulnerabilities Module, you can create a New Scan, visualize an Overview, and analyze Tasks. 

The vulnerabilities are classified by severity info:  

• Log: Severities with a value equal to 0. 
• Low: Severities with values between 0.1 and 3.9. 
• Medium: Severities with values between 4 and 6.9. 
• High: Severities with values between 7 and 10.   

1. New Scan

The New Scan option allows you to create a New Vulnerability Scan by instance and specific host(s). Also, it allows Advanced Options such as Exclude host(s) from the scan and scanning a specific User Authentication (username and password). 

Steps to create a New Scan:

1. Select your instance (probe to run the scan).
2. Type in the Scan host box your specific IP(s) and/or IP range(s) (e.g., 172.17.0.14/24) and click on the Add host button.
3. Shows the advanced option.
   • Adds the host(s) you want to exclude from the scan, and click on the Add exclusion button.
   • Type the username and password you want to include in the scanning process. The user should log in to the scanned host(s). The SSH Port is usually 22.
4. Click on the Create quick scan button.

2. Overview

The Vulnerability Overview pane displays a flexible resume of all vulnerabilities through different visualizations. 

Extra functionalities:

1.  With the Save to PDF button, you can print all the information represented in the pane. 
2. The Calendar icon allows filtering the top 10 most vulnerable hosts in a specific time range. 
3. If you click on any host (IP or IP range), you can open a new window with the Vulnerabilities Result for that host.  

• By clicking on any row, you can see the details associated with that vulnerability. 

• If you click on the View Tasks button, you will see the Tasks option explained next.

3. Tasks

The Vulnerability Scan pane displays a table with the scanned vulnerabilities information during last 7 days. This information is given by Name, Status, Created at, Severity, Source, the quantity of High, Medium, and Low vulnerabilities, and Detail. The Action column allows you to Save Report or Stop the task when it's executing a scan. 

Extra functionalities:

1. UTMStack allows you from this pane create a New Vulnerability Scan explained above by clicking on the New Tasks button. 
2. In the Calendar icon, you can change the time range to display specific scanned vulnerabilities information during that time.
3. If you click on View detail, you will see all the details of the vulnerability associated with that host.
4. By clicking on any row, you can see Vulnerabilities Result for Task Scan over the IP range or IP.
   • If you click the View tasks button, you can return to the Vulnerability Scan pane.
   • In the Save report button, you can download an UTMStack Vulnerabilities Report in .pdf format.
   • Likewise, if you click on any row, you can see the details associated with that vulnerability.
5. In the left pane associated with the Filters, you can manage the visibility of the filters as Inactive or Visible. By default, UTMStack enables the filters Task, Status, Severity, Source, Hosts, and Ports.