View important information regarding a specific CVE detected in your environment and any associated prevention and detection rules available from your integrated products.
CVE profiles provide detailed information regarding the CVEs detected in your organization's
environment, the mitigation options available from your Trend Micro products, and any additional reference information for use in further investigation.
The type of CVE determines what information is displayed in the profile.
To view the profile of a highly exploitable unique CVE, go to Operations Dashboard and select the Vulnerabilities risk factor in the Risk Factors tab. Then, click the Vulnerability ID of the CVE under Highly Exploitable Unique CVEs. You may also click the open in new tab icon () next to the CVE in
.To view the profile of a time-critical CVE, go to the Exposure Overview tab in Executive Dashboard and click View details in the corresponding security alert.
The following table details the tabs that can be displayed when viewing the profile
screen for a highly exploitable unique CVE. Displayed tabs vary depending on the types
of assets vulnerable to the CVE.
Highly Exploitable Unique CVEs - Tabs
Tab
|
Description
|
||
Basic
|
General information about the CVE
|
||
Devices
|
Lists your devices vulnerable to the CVE. Select a device to change the status of
the CVE on the specified device.
|
||
Hosts
|
Lists your internet-facing assets vulnerable to the CVE. Select a host to change the
status of the CVE on the specified internet-facing asset.
|
||
Containers
|
Lists your cloud-based container clusters and images vulnerable to the CVE
|
||
Cloud VMs
|
Lists your cloud VMs and cloud data storage vulnerable to the CVE
|
||
Threat Intelligence
|
Displays emerging threats and threat actors associated with the CVE as well as threat
hunting queries you may use to search for associated threats in your environment
|
The following table details the information displayed in the
Basic tab when viewing the profile screen for a highly exploitable unique
CVE.
Highly Exploitable Unique CVEs - Basic
Section
|
Description
|
||||
General
|
General information about the CVE
|
||||
Attack Detection/Prevention Rules
|
Displays how Trend Micro
products can detect and mitigate the risk posed by the vulnerability
For the TippingPoint device, click the Rule ID / Malware
Name link to view Attack Prevention Rule Details, which
lists all available filter rules and the current status of each in your environment
(if
applicable).
|
||||
Mitigation Options
|
Provides a set of recommended actions curated by Trend Micro threat experts that you can use to mitigate the selected vulnerability on applicable
operating systems.
For some supported platforms, Trend Vision One automatically detects completed mitigation actions, sets the CVE status to Mitigated,
and removes affected devices from the affected devices list. CVEs on some platforms
are not supported for automatic detection, which means any mitigated devices may still
remain on the affected devices list. Trend Micro still recommends you to complete
mitigation actions on unsupported platforms to strengthen your security posture.
|
||||
Reference
|
Displays additional reference links for the CVE
|
The following table details the information displayed when viewing the
profile screen for a time-critical CVE.
Time-Critical CVEs
Details
|
General information about the CVE
If Vulnerability Assessment is enabled, you can see the affected operating systems, the number of assessed devices
in your environment, devices affected by the vulnerability, and the number of exploit
attempts.
|
||||
Attack Prevention / Detection Rules
|
Displays how Trend Micro
products can detect and mitigate the risk posed by the vulnerability
For the TippingPoint device, click the Rule ID / Malware
Name link to view Attack Prevention Rule Details, which
lists all available filter rules and the current status of each in your environment
(if
applicable).
|
||||
Mitigation Options
|
Provides a set of recommended actions curated by Trend Micro threat experts that you can use to mitigate the selected vulnerability on applicable
operating systems.
|
||||
Reference
|
Displays additional reference links for the CVE
|
||||
Affected Devices
|
If Vulnerability Assessment
is enabled, lists the devices in your environment vulnerable to the time-critical
CVE
Trend Vision One analyzes detection logs to determine how
often attackers have attempted to exploit the vulnerability on each endpoint.
|