Views:

View important information regarding a specific CVE detected in your environment and any associated prevention and detection rules available from your integrated products.

CVE profiles provide detailed information regarding the CVEs detected in your organization's environment, the mitigation options available from your Trend Micro products, and any additional reference information for use in further investigation. The type of CVE determines what information is displayed in the profile.
To view the profile of a highly exploitable unique CVE, go to Operations Dashboard and select the Vulnerabilities risk factor in the Risk Factors tab. Then, click the Vulnerability ID of the CVE under Highly Exploitable Unique CVEs. You may also click the open in new tab icon (open-in-new-tab-icon.png) next to the CVE in Network SecurityIntrusion Prevention Configuration.
To view the profile of a time-critical CVE, go to the Exposure Overview tab in Executive Dashboard and click View details in the corresponding security alert.
The following table details the tabs that can be displayed when viewing the profile screen for a highly exploitable unique CVE. Displayed tabs vary depending on the types of assets vulnerable to the CVE.

Highly Exploitable Unique CVEs - Tabs

Tab
Description
Basic
General information about the CVE
Devices
Lists your devices vulnerable to the CVE
Hosts
Lists your internet-facing assets vulnerable to the CVE
Containers
Lists your cloud-based container clusters and images vulnerable to the CVE
Cloud VMs
Lists your cloud VMs and cloud data storage vulnerable to the CVE
Note
Note
Only EBS volumes that are attached to an EC2 instance are displayed when viewing by Cloud VMs. All EBS volumes are listed when viewing by Cloud data storage.
Threat Intelligence
Important
Important
This is a pre-release sub-feature and is not part of the existing features of an official commercial or general release. Please review the Pre-release sub-feature disclaimer before using the sub-feature.
Displays emerging threats and threat actors associated with the CVE as well as threat hunting queries you may use to search for associated threats in your environment
  • Click on the name of an emerging threat or threat actor to view the corresponding profile in Threat Insights
  • Click Execute Query in the entry for a threat hunting query to run the query in the Search app
  • Click Copy Query in the entry for a threat hunting query to copy the query to your clipboard
The following table details the information displayed in the Basic tab when viewing the profile screen for a highly exploitable unique CVE.

Highly Exploitable Unique CVEs - Basic

Section
Description
General
General information about the CVE
  • Global exploit activity: Determined by frequency in which the vulnerability is exploited globally and the expectation that the vulnerability might be exploited in the future
  • Published: The official publish date of the CVE
  • Description: The official CVE description
  • CVSS: The Common Vulnerability Scoring System (CVSS) information
Attack Prevention / Detection Rules
Displays how Trend Micro products can detect and mitigate the risk posed by the vulnerability
Note
Note
All Trend Micro product capabilities display regardless of whether you have the product connected in your environment. For information about how to purchase Trend Micro products, contact your sales representative.
For more information on connecting products to Operations Dashboard, see Configuring data sources.
For the TippingPoint device, click the Rule ID / Malware Name link to view Attack Prevention Rule Details, which lists all available filter rules and the current status of each in your environment (if applicable).
Important
Important
Locate and block the filter rules on all profiles using the TippingPoint Security Management System web management console (ProfilesInspection ProfilesGlobal Search).
Mitigation Options
Provides a set of recommended actions curated by Trend Micro threat experts that you can use to mitigate the selected vulnerability
Reference
Displays additional reference links for the CVE
The following table details the information displayed when viewing the profile screen for a time-critical CVE.

Time-Critical CVEs

   
Details
General information about the CVE
If Vulnerability Assessment is enabled, you can see a summary of the number of assessed devices in your environment, how many are affected by the vulnerability, and how many endpoints have been the target of exploit attempts.
Attack Prevention / Detection Rules
Displays how Trend Micro products can detect and mitigate the risk posed by the vulnerability
Note
Note
All Trend Micro product capabilities display regardless of whether you have the product connected in your environment. For information about how to purchase Trend Micro products, contact your sales representative.
For more information on connecting products to Operations Dashboard, see Configuring data sources.
For the TippingPoint device, click the Rule ID / Malware Name link to view Attack Prevention Rule Details, which lists all available filter rules and the current status of each in your environment (if applicable).
Important
Important
Locate and block the filter rules on all profiles using the TippingPoint Security Management System web management console (ProfilesInspection ProfilesGlobal Search).
Mitigation Options
Provides a set of recommended actions curated by Trend Micro threat experts that you can use to mitigate the selected vulnerability
Reference
Displays additional reference links for the CVE
Affected Devices
If Vulnerability Assessment is enabled, lists the devices in your environment vulnerable to the time-critical CVE
Trend Vision One analyzes detection logs to determine how often attackers have attempted to exploit the vulnerability on each endpoint.
  • Click All vulnerable devices to see all endpoints vulnerable to the CVE
  • Click Investigation recommended to see the endpoints with detected exploit attempts
  • Search for specific endpoints by name
  • Click any device or user name to see a detailed asset profile