Viewing information about a CVE

You can view information about a common vulnerability or exposure (CVE) that affects your inventory. From any page in the WebSphere Automation UI with a listing of CVEs, click the link with the CVE ID to open an information page about the CVE.

Before you begin

You must have a user profile with the View security data permission or the Manage security data permission. For more information, see Configuring roles and permissions.

Procedure

  1. Log in to WebSphere Automation.
    For more information, see Accessing the WebSphere Automation UI.
  2. Open the Security page and click either the Servers tab or the CVEs tab.
    If you do not see a listing of servers, either no servers are in the inventory, or you have insufficient permissions. For instructions on registering servers, see Registering a server. For more information about permissions, see Roles and permissions.
  3. If you are on the Servers page, select a CVE link under the Unresolved CVEs column. If you are on the CVEs page, click a CVE in the CVE column. The CVE information page opens.
    Figure 1. Example CVE information page with details about a particular common vulnerability or exposure that affects server inventory
    Example CVE information page with information about a particular CVE that affects your server inventory, including a description, the risk level, number of days your inventory has been exposed, and detected date. In the Affected servers area, column headings include Servers, WebSphere version, Java SDK version, Hostname, Topology, Vulnerability status, Days exposed, and Detection date.
  4. Use the data to assess your exposures and plan your mitigation.
    Note the following controls:
    • Filtering options:
      Vulnerability status
      You can choose between Resolved, Unresolved, and all servers. Resolved displays the servers for which this CVE is fixed. Unresolved displays the servers for which this CVE is not fixed.
      WebSphere version
      To show only the servers of a specific version of WebSphere Application Server or WebSphere Liberty, check the box for that version in the list. You can select more than one version.
    • Sorting options (column headings):
      Servers
      The name of the server. Click this column heading to toggle between grouping the servers alphanumerically by name, in reverse order, or in original (unsorted) order. You can click the name of the server to view information about the server on a dedicated page.
      WebSphere version
      The version of WebSphere Application Server or WebSphere Application Server Liberty that is used by the server. Click this column to toggle between grouping the servers numerically by version number, in reverse order, or in original (unsorted) order.
      Hostname
      The hostname of the server. Click this column heading to toggle between grouping the servers alphanumerically, in reverse order, or in original (unsorted) order.
      Topology
      The unique location information for the server. Click this column heading to toggle between grouping alphanumerically, in reverse order, or in original (unsorted) order.
      Vulnerability status
      The status of the CVE on this server, either Resolved or Unresolved. Click this column heading to toggle between alphabetical order by status, reverse alphabetical order by status, or in the original order.
      Detection date
      The date that WebSphere Automation first detected the vulnerability on a server. Click this column heading to toggle between chronological order, reverse chronological order, or the original order.
    • Other controls:
      Prepare fixes
      Click to open the Prepare fixes dialog for the selected servers. On the Prepare fixes page, you can select the fix to use for this CVE for each grouping of servers. Servers are grouped by similarity of installation information. For more information, see Installing a fix.
      View button
      Click the View button to open the security bulletin page on the ibm.com site for this vulnerability or exposure. This external link does not work if you are in an air-gapped environment.
      Page controls
      You can select the number of servers to display per page, and move from page to page when the list requires more than one page.
    Note the following column headings:
    Java SDK Version
    The version of Java™ that is installed on the server.
    Days exposed
    The number of days that the server has been exposed to this vulnerability. WebSphere Automation only accounts for days that the server was exposed beginning with the date that the server was registered. If the applicable fix was installed and then uninstalled, the days during which the fix was installed are not included in the total.
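
The Days exposed rule above, as an added example that is not WebSphere Automation's own code: it counts days from the registration date and leaves out any days on which the fix was installed, so you can cross-check the column against your own patch records. The function name, the half-open day counting (the install day counts as protected, the uninstall day as exposed), and the sample dates are assumptions.

```python
from datetime import date


def days_exposed(registered, as_of, fix_periods):
    """Days in [registered, as_of) on which no fix was installed.

    fix_periods is a list of (installed, uninstalled) dates; uninstalled is
    None while the fix is still installed. Assumed model, not IBM's code.
    """
    if as_of <= registered:
        return 0
    # Clip each fix period to the counting window; drop periods outside it.
    clipped = []
    for installed, uninstalled in fix_periods:
        start = max(installed, registered)
        end = min(uninstalled or as_of, as_of)
        if start < end:
            clipped.append((start, end))
    # Merge overlapping periods so no protected day is subtracted twice.
    clipped.sort()
    protected = 0
    cur_start = cur_end = None
    for start, end in clipped:
        if cur_end is None or start > cur_end:
            if cur_end is not None:
                protected += (cur_end - cur_start).days
            cur_start, cur_end = start, end
        else:
            cur_end = max(cur_end, end)
    if cur_end is not None:
        protected += (cur_end - cur_start).days
    return (as_of - registered).days - protected


# Constructed sample: fix installed, uninstalled, then installed again.
SAMPLE_REGISTERED = date(2024, 1, 10)
SAMPLE_AS_OF = date(2024, 3, 1)
SAMPLE_FIX_PERIODS = [
    (date(2024, 1, 20), date(2024, 2, 4)),   # installed, later uninstalled
    (date(2024, 2, 20), None),               # reinstalled, still in place
]

if __name__ == "__main__":
    print(days_exposed(SAMPLE_REGISTERED, SAMPLE_AS_OF, SAMPLE_FIX_PERIODS))
```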