View Vulnerabilities in Acunetix 360

The Vulnerabilities page displays lists of vulnerabilities detected in scans run by your entire team. You can get an overview of the vulnerabilities that have been assigned to you, those that are awaiting a Retest and those that are Addressed.

Administrators and Project Managers benefit from an overview of all Vulnerabilities, including the current state of each vulnerability and to whom it has been assigned.

For further information, see Manage Vulnerabilities.

Vulnerability Pages

This table lists and explains the lists available from the submenus in the Vulnerabilities sidebar.

List

Description

Open

This page displays a list of all the vulnerabilities that have been assigned to you. You can take action by fixing them, assigning them to someone else or changing their status.

The number next to the sidebar name indicates how many outstanding items you have in your To Do list.

The Status column for each newly identified vulnerability will read Present. Once you click Retest, it will change to Fixed (Unconfirmed).

Waiting for Retest

This page displays a list of all Vulnerabilities whose Status has been updated to Fixed (Unconfirmed). They are waiting to be tested automatically by Acunetix 360.

Fixed Vulnerabilities

This page displays a list of all the vulnerabilities that have been addressed and whose Status has been updated to one of the following:

Accepted Risk        Indicates that the vulnerability has been considered and is marked as a low risk vulnerability

False Positive        Indicates that the vulnerability has been considered and is marked as not a genuine vulnerability

Fixed (Confirmed)        Indicates that the vulnerability has been fixed and requires no further action

Users with Manage Vulnerabilities permission can only mark a vulnerability’s state as 'Fixed (Confirmed)'.

All Vulnerabilities

This page displays a list of all Vulnerabilities detected in scans run by your entire team. The entire team can view all vulnerabilities in a scan report, even if they only have the Manage Vulnerabilities  permission.

Fields used in the Vulnerability pages

This table lists and explains the fields used in the Vulnerability pages.

Field

Description

Title

This is the name of the vulnerability (e.g. Cross Site Scripting).

Severity

This is the vulnerability severity level. The options are:

  • High
  • Medium
  • Low
  • Information

For further information, see Vulnerability Severity Levels.

Target Group

This is the name of the group to which the target belongs.

Target

This is the name of the scanned website.

URL

This is the address where the vulnerability has been detected.

First Seen

This is the date and time the vulnerability was first detected.

Last Seen

This is when the vulnerability was most recently detected.

Assignee

This is the name of the person who has been assigned the task. It may be:

  • The Technical Contact for the scanned website
  • The Team Member who initiated the scan
  • Any other member of the team

Status

This indicates the current State of the vulnerability . All Vulnerabilities are initially marked as Present. A vulnerability can have one of the following states:

  • Present
  • Accepted Risk
  • False Positive
  • Fixed (unconfirmed)

For further information, see Addressed Vulnerabilities and Vulnerability Lifecycle.

How to View a Vulnerability in Acunetix 360
  1. From the sidebar, click Vulnerabilities, then Open. (Alternatively, you can select another submenu.) A list of vulnerabilities is displayed.
  2. Click on the vulnerability Title to view its details.

Alternatively, all Scan Reports provide information on the vulnerabilities detected by scans. They can be accessed by clicking the Scans menu in the sidebar, then Recent Scans. Then, click  the Report button for the specific scan and scroll down to the Technical Report, which shows all detected vulnerabilities .

For further information, see Vulnerabilities Pages.

 

« Back to the Acunetix Support Page