View the vulnerabilities associated with a file

FACT lets you view the vulnerabilities associated with each of your files — whether they're the products your organization produces or the software your organization uses. These vulnerability associations are the results of FACT's AI-driven vulnerability hunting.

Vulnerabilities are assigned when your file first enters FACT, but the file can be updated at any time with additional vulnerability associations as new vulnerabilities are added to the system.

With the Partner Supplier plan, users also have the ability to add their own vulnerabilities.

Each vulnerability association is assigned a confidence rating and a vulnerability score.

  • The confidence rating indicates how confident FACT is that the AI-detected vulnerability actually applies to the file. By default, FACT displays only the vulnerabilities with a confidence rating of 50% or greater.
  • The vulnerability score takes the CVSS score and the confidence rating into consideration. This value allows you to prioritize the vulnerabilities so you can address the most critical cases first.

Together, this information allows you to focus your attention on the critical vulnerabilities that have an extremely high probability of being present — saving you time addressing the potential false positives.

  1. Use the Files menu in the sidebar to navigate to the Submitted Files page.
    Select Files > Product Files if you want to work with a product file. (Partner Supplier plan only)
  2. Locate the file whose vulnerabilities you want to view.

     Search Tip

    Use the filter and search features to display a set of files with specific attributes or help locate a particular file. See Filter and search for files for full instructions on using these features.

  3. Click a file name or the file's score to open the information window.
  4. Click the Vulnerabilities tab.
    This tab displays the vulnerabilities associated with the selected file. The vulnerabilities are sorted by their status.
  5. Select a tab to display the vulnerabilities you're interested in.

    Unassigned
    The selected files are considered to be affected by the vulnerabilities listed but have not yet been human verified.
    (Partner Supplier plan only)
    Under Investigation
    It is not yet known if the selected files are affected by the vulnerabilities listed.
    Affected
    The selected files are known to be affected by the vulnerabilities listed.
    Not Affected
    The selected files are known to be unaffected by the vulnerabilities listed.
    Fixed
    The selected files have been fixed for the vulnerabilities listed.
  6. Change the confidence level to adjust the number of vulnerability associations displayed.
  7. In the Grouped Vulnerabilities section, select how you want to view the vulnerabilities.
    You can view all vulnerabilities at once, or you can group them by product or component. The groupings help you locate vulnerabilities that are of particular priority or interest to you.

    You can sort the information in this section by any column in either ascending or descending order. Sorting by the vulnerability score and/or the confidence rating lets you easily see the most severe and the most likely vulnerabilities.

    There are three panels in the Grouped Vulnerabilities section of the window. Move from left to right to drill into a vulnerability association.

    Group by Product
    • When grouping by Product, the first panel organizes the vulnerabilities associated with the selected file by product, so you can easily see which products the affected components are found in. A count indicates the number of vulnerabilities found in each product.
    • Selecting a product populates the second panel with a list of the vulnerabilities associated with that product. A count indicates the number of components affected by each vulnerability. The Exploit Assessment column indicates the number of exploit assessments that exist for a vulnerability. Expand this field and click an exploit assessment to view it.
    • Selecting a vulnerability in the second panel displays the components in the currently selected file that are associated with that vulnerability. The higher the confidence score for a component, the more likely it is that the vulnerability is present.
    Group by Component
    • When grouping by Component, the first panel organizes the vulnerabilities associated with the selected file by component so you can see which components are most affected. A count indicates the number of vulnerabilities found in each component. A component is the currently selected file or any of its subcomponent files.
    • Selecting a component populates the second panel with a list of the vulnerabilities associated with that component. A count indicates the number of components affected by each vulnerability. The Exploit Assessment column indicates the number of exploit assessments that exist for a vulnerability. Expand this field and click an exploit assessment to view it.
    • Selecting a vulnerability in the second panel displays the components in the currently selected file that are associated with that vulnerability. The higher the confidence score for a component, the more likely it is that the vulnerability is present.
    Group by All Vulnerabilities
    • When viewing All Vulnerabilities, the first panel is a summary of the total vulnerability count for the currently selected file. The highest vulnerability score detected is displayed.
    • Clicking this summary populates the second panel with a list of the vulnerabilities found in the currently selected file. A count indicates the number of components affected by each vulnerability. The Exploit Assessment column indicates the number of exploit assessments that exist for a vulnerability. Expand this field and click an exploit assessment to view it.
    • Selecting a vulnerability in the second panel displays the components in the currently selected file that are associated with that vulnerability. The higher the confidence score for a component, the more likely it is that the vulnerability is present.

    There is clickable content in the Grouped Vulnerabilities section that displays additional information without you needing to leave the information window. You can:
    • Click a vulnerability's CVE ID to open a panel displaying details on that CVE.
    • Click a component to open a panel displaying some basic file properties, including its trust score. Click Go to File on this component panel to jump to the full details for that file. Use the Back button on the information window to return to the previously selected file.
    • A number in the Exploit Assessment column indicates that there are one or more exploit assessments for the vulnerability listed. Expand the field and click an exploit assessment to open it. The full document is displayed, including the status, a list of associated files, and the impact of the vulnerability on the selected file if it were to be successfully exploited.
    • An arrow to the right of a column heading indicates the column that currently dictates the display order. Click the icon to reverse the sort order. To sort by another column, simply click the column label.
    • Click the Expand View button in the upper right corner of a panel to expand it to the width of the information window. Click Collapse View to return to the multiple panel view.
  8. Finally, to check whether a specific vulnerability is associated with the currently selected file or any of its subcomponents, type your search criteria in the search field provided.
    FACT filters the list as you type, displaying only the vulnerabilities whose CVE ID contains the text you enter. When you use the search, the Grouped Vulnerabilities section uses the All Vulnerabilities grouping, regardless of any previous selection.
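    The filtering, prioritizing, grouping and searching behaviour described in the steps above can be modelled in a few lines. The following Python is an added example, not FACT's code: the formula in vuln_score (CVSS scaled by confidence) is an assumption, since the page does not publish how FACT combines the two values, and the CVE IDs, product and component names are constructed placeholders. It shows how a default 50% confidence cut-off and a score-first sort surface the findings that are both severe and likely to be real, how the first-panel counts are distinct CVEs per product or component, and how the step 8 search is a substring match on the CVE ID.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Callable, Iterable


@dataclass(frozen=True)
class Association:
    """One vulnerability-to-component association, as the Vulnerabilities tab lists it."""
    cve_id: str
    product: str      # product the affected component ships in
    component: str    # the selected file or one of its subcomponent files
    cvss: float       # CVSS base score, 0.0 to 10.0
    confidence: int   # confidence rating, 0 to 100 percent


DEFAULT_MIN_CONFIDENCE = 50  # the default display threshold named on the page


def vuln_score(cvss: float, confidence: int) -> float:
    """Assumed combination of CVSS and confidence (FACT's actual formula is not on the page):
    scale severity by the probability that the finding is real."""
    return cvss * confidence / 100.0


def visible(assocs: Iterable[Association],
            min_confidence: int = DEFAULT_MIN_CONFIDENCE) -> list[Association]:
    """Step 6: only associations at or above the chosen confidence level are shown."""
    return [a for a in assocs if a.confidence >= min_confidence]


def prioritized(assocs: Iterable[Association]) -> list[Association]:
    """Sort by vulnerability score, then confidence, descending: most severe and most likely first."""
    return sorted(assocs,
                  key=lambda a: (vuln_score(a.cvss, a.confidence), a.confidence),
                  reverse=True)


def vuln_count_by(assocs: Iterable[Association],
                  key: Callable[[Association], str]) -> dict[str, int]:
    """First-panel counts when grouping: distinct CVEs per product (or per component)."""
    seen: dict[str, set[str]] = defaultdict(set)
    for a in assocs:
        seen[key(a)].add(a.cve_id)
    return {k: len(v) for k, v in seen.items()}


def components_affected(assocs: Iterable[Association], cve_id: str) -> list[str]:
    """Third-panel view: components tied to one CVE, highest confidence first."""
    hits = [a for a in assocs if a.cve_id == cve_id]
    return [a.component for a in sorted(hits, key=lambda a: a.confidence, reverse=True)]


def search(assocs: Iterable[Association], text: str) -> list[Association]:
    """Step 8: keep associations whose CVE ID contains the typed text (case-insensitive is an assumption)."""
    needle = text.upper()
    return [a for a in assocs if needle in a.cve_id.upper()]


# Constructed sample data; CVE IDs and names are placeholders, not real identifiers.
SAMPLE = [
    Association("CVE-0000-0001", "ProductA", "libfoo.so", 9.8, 92),
    Association("CVE-0000-0001", "ProductA", "libfoo-static.a", 9.8, 61),
    Association("CVE-0000-0002", "ProductA", "libfoo.so", 7.5, 70),
    Association("CVE-0000-0003", "ProductB", "parser.dll", 5.3, 88),
    Association("CVE-0000-0004", "ProductB", "parser.dll", 9.1, 35),  # hidden at the 50% default
]

if __name__ == "__main__":
    shown = visible(SAMPLE)
    print("Prioritized (score, confidence, CVE, component):")
    for a in prioritized(shown):
        print(f"  {vuln_score(a.cvss, a.confidence):5.2f}  {a.confidence:3d}%  {a.cve_id}  {a.component}")
    print("Group by Product:", vuln_count_by(shown, lambda a: a.product))
    print("Group by Component:", vuln_count_by(shown, lambda a: a.component))
    print("Components for CVE-0000-0001:", components_affected(shown, "CVE-0000-0001"))
    print("Search '0001':", [a.component for a in search(shown, "0001")])
```

    Lowering min_confidence to 0 brings the fifth association back into view, which is the trade-off step 6 exposes: a lower threshold shows more potential findings at the cost of more probable false positives.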