On the AppDefense plug-in dashboard, the Vulnerabilities tab displays vulnerabilities by severity. The tabs at the bottom sort the vulnerabilities based on the assets. The Windows OS tab displays list of vulnerabilities for the virtual machines having Windows operating system. The Linux OS tab displays list of vulnerabilities for the virtual machines having Linux operating system. To view OS vulnerabilities, AppDefense Guest Module and AppDefense Host Module must have version 18.104.22.168 or later.
The VMs affected by the vulnerability are listed in the Affected VMs panel. Click the name of the virtual machine and view all vulnerabilities for any particular virtual machine.
- Go to the tab.
- Click the OS tab.
All the operating system level vulnerabilities related to that particular VM are listed. You can filter the columns using the filter icon. You can also view the external National Vulnerability Database (https://nvd.nist.gov/) website.
To resolve the vulnerability for the Windows OS, look at the CVE-ID and apply the suggested KB patch.
For Linux OS, vulnerability is associated at the package level. The Version and Fixed By column displays the version and the build number in which the listed vulnerability is fixed.
To resolve the vulnerability for the Linux OS, upgrade to the listed version and the build number.
If the Fixed By column is empty, then probably there is no update available from the product to fix the vulnerability or AppDefense do not have enough information to point to a specific resolution.