CPE Applications

You can view information about Common Platform Enumeration (CPE) products using their CPE names and then use this standardized information to help make fully or partially automated decisions regarding the application assets. You can also view information about related Common Vulnerabilities and Exposures (CVE) instances.

The table lists all applications. You can use the grouping and filtering options to affect what information is displayed.

From the top menu, click Assets> Applications, and then select the CPE Applications tab.

You can view, edit, and take actions on items.

Tip: To control the CPE configuration, you can configure it by using the Configure CPE button. You can initiate synchronization and matching with the CPE library by using the Execute sync and matching now button.

Note: The CPE Application list can be lengthy. You can hide items such as internal IT tools to make the list more consumable. Toggle the Show Hidden CPE Applications to turn their visibility on and off.

The CPE Applications tab on the Applications page

Table 1. CPE Applications Page Fields
Field	Description
`Company`	The Company name (if provided) in the file metadata.
`Product Name`	The Product Name (if provided) in the file metadata.
`Product Version`	The Product Version (if provided) in the file metadata.
`Constructed CPE Item`	Describes a set of products or to identify an individual product. This field uses the well-formed-name construction defined by: https://csrc.nist.gov/publications/detail/nistir/7695/final
`Total CVEs`	If the application is matched against CVE instances, the total number of CVE instances is displayed.
`Most Dangerous CVE`	If the application is matched against CVE instances, the most dangerous instance is displayed.
`Highest CVSSv3 Score`	If the application is matched against CVE instances, the highest CVSS v3 score of the CVE instances is displayed.
`Matched Title`	If the application is matched against a CPE Dictionary item, the matched item’s title displays.
`Matched CPE Item`	If the application is matched against a CPE Dictionary item, the matched item’s well-formed name is displayed.
`Date Modified`	If the CPE match information has been modified since creation or import, date and time it was modified.
`Last Modified By`	If the CPE match information has been modified since creation or import, the user who modified it.
`Matched CVEs`	If the application is matched against a CVE instance, the matched instance name is displayed. If a critical CVE is matched, an event is generated, which can be viewed on the Alert Instances page, stating that a critical CVE is detected.
`Matched Vendor`	If the application is matched against a CPE Dictionary item, the matched item’s vendor is displayed.
`Matched Name`	If the application is matched against a CPE Dictionary item, the matched item’s name is displayed.
`Matched Version`	If the application is matched against a CPE Dictionary item, the matched item’s version is displayed.