To view vulnerabilities in a container image scan report, perform the following procedure.

Procedure

  1. On the left navigation pane, do one of the following depending on your system configuration and role:
    • If you have the Kubernetes Security DevOps or SecOps role and your system has only the Container security feature, click Inventory > Container Images.
    • If you have any other role and your system has Container security and other Carbon Black Cloud features, click Inventory > Kubernetes > Container Images.
  2. Click the Deployed Images tab.
  3. Click the name of an image in the Image Tag column to open the Image Scan Report.
  4. Click the Vulnerabilities tab.
    Vulnerabilities tab on an Image Scan Report

    You can filter the list of vulnerabilities by severity, available fixes, type, and layer. For example, you can view only those vulnerabilities that have high severity, have available fixes, and are of type deb:

    Available filters on the Vulnerabilities tab of the Image Scan Report

  5. Perform your search or view all vulnerabilities. The resulting list of vulnerabilities contains the following fields:
    • Severity level. Container images can have multiple vulnerabilities, each with a different risk score. Based on this score, vulnerabilities are filtered by severity level: critical, high, medium, and low. See Severity Scoring.
    • Vulnerability. You can click any CVE tag to see more details. See View a Container Image Scan Report - Vulnerability Details.
    • Type. You can filter vulnerabilities based on the package type. For example, dpkg packages on Debian Linux are one type.
    • Package / Library
    • Version
    • Available fix. If a fix is available, you can view the package and version.
    • Exception toggle. See Allow an Exception for a Vulnerability.
    • Note. Click Add Note to include a note about this vulnerability; for example, if you create an exclusion, it is useful to note the reason for the exclusion.
  6. To export the vulnerability data into a CSV file, click Export.
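
The following added example (not part of the product or its documentation) reapplies the filter from step 4 to an exported CSV offline and groups the fixable CVEs by package, skipping vulnerabilities that already have an exception. The column headers are assumed to mirror the field names listed in step 5 and may differ in a real export; the sample rows and CVE IDs are constructed placeholders.

```python
import csv
import io
from collections import defaultdict

# Constructed sample; column headers are assumed to mirror the field names
# listed in step 5 and may differ from the headers in a real export.
SAMPLE_EXPORT = """\
Severity,Vulnerability,Type,Package / Library,Version,Available fix,Exception,Note
HIGH,CVE-0000-0001,deb,libexample1,1.0-1,1.0-2,false,
HIGH,CVE-0000-0002,deb,libexample1,1.0-1,1.0-3,false,
CRITICAL,CVE-0000-0003,deb,exampletool,2.4,,false,
HIGH,CVE-0000-0004,deb,libsample,0.9,0.9.1,true,accepted until next base image
MEDIUM,CVE-0000-0005,deb,libsample,0.9,0.9.1,false,
high,CVE-0000-0006,npm,example-js,3.1.0,3.1.1,false,
"""

def fixable(rows, severities=("HIGH",), pkg_type="deb"):
    """Yield rows matching the severity / available fix / type filter,
    skipping vulnerabilities that already have an exception."""
    wanted = {s.upper() for s in severities}
    for raw in rows:
        # Normalise whitespace; short rows give None values, extra cells a None key.
        row = {k.strip(): (v or "").strip() for k, v in raw.items() if k is not None}
        if row["Severity"].upper() not in wanted:
            continue
        if row["Type"].lower() != pkg_type or not row["Available fix"]:
            continue
        if row["Exception"].lower() in ("true", "yes", "on"):
            continue
        yield row

def upgrade_plan(csv_text, **filters):
    """Group matching CVEs by (package, installed version)."""
    plan = defaultdict(lambda: {"cves": [], "fixes": set()})
    for row in fixable(csv.DictReader(io.StringIO(csv_text)), **filters):
        entry = plan[(row["Package / Library"], row["Version"])]
        entry["cves"].append(row["Vulnerability"])
        # Several CVEs in one package can list different fixed versions.
        entry["fixes"].add(row["Available fix"])
    return dict(plan)

if __name__ == "__main__":
    for (pkg, ver), e in sorted(upgrade_plan(SAMPLE_EXPORT).items()):
        print(f"{pkg} {ver}: fixes {sorted(e['fixes'])} close {e['cves']}")
```

Pass the text of your own export to `upgrade_plan` and adjust the header names in `fixable` to match the file.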