Viewing security alerts that affect your servers

You can view the list of common vulnerabilities and exposures (CVEs) that affect your inventory on the CVEs page in the WebSphere Automation UI. The CVEs are ranked by risk level, and a list of affected servers is provided for each CVE.

Before you begin

You must have a user profile with the View security data permission or the Manage security data permission. For more information, see Configuring roles and permissions.

Procedure

  1. Log in to WebSphere Automation.
    For more information, see Accessing the WebSphere Automation UI.
  2. Open the Security page.
  3. Click the CVEs tab.
    Figure 1. Example CVEs page with common vulnerabilities and exposures that affect server inventory. Column headings include Risk level, CVE, Days exposed, Fixed servers, Vulnerable servers, and Detection date.
    If you do not see a listing of CVEs, either no servers are in the inventory, or you have insufficient permissions. For instructions on registering servers, see Registering a server. For more information about permissions, see Roles and permissions.
  4. Use the data to assess your exposures and plan your mitigation.
    Note the following controls:
    • Filtering options:
      CVE
      To show only the servers affected by a CVE, select the check box for that CVE in the list. You can select more than one CVE.
    • Sorting options (column headings):
      Risk level
      The severity of the security exposure with the greatest risk for each server, based on the CVSS values of the affecting CVEs. The scale is from 0 (no risk) to 10 (extreme risk). By default, the list of servers is sorted from greatest risk level to lowest.
      Servers fixed
      The number of registered servers that are fixed for this CVE. Click this heading to sort the rows in increasing or decreasing order. For numbers that are identical, the rows are sorted by risk level.
      Servers vulnerable
      The number of registered servers that are vulnerable to this CVE, that is, the number of servers to which the appropriate fix is not applied. Click this heading to sort the rows in increasing or decreasing order. For numbers that are identical, the rows are sorted by risk level.
    Note the column headings:
    Risk Level
    The severity of the security exposures for this CVE, on a scale from 0 (no risk) to 10 (extreme risk).
    CVE
    The CVE ID for the common vulnerability and exposure, as listed in the associated published security bulletin. You can click this link to open the details page for this CVE, including a list of registered servers that are affected by the CVE.
    Days exposed
    The highest number of days that one of the registered servers has been exposed to this CVE. For example, if one server has been exposed to a CVE for 2 days, and another has been exposed for 4 days, then the number 4 is shown for the CVE.
    Initial detection time
    The date that WebSphere Automation first detected the vulnerability on a server.
    Note the following additional controls:
    Download audit report
    Opens a dialog to open or save an audit report with current common vulnerabilities and exposures (CVEs) in comma-separated text format. For more information, see Generating an audit report with CVEs for all servers.