I need some help with asset report. The report I need is very simple: high and medium vulnerabilities report. According what Cathy said on another discussion I created a new asset report from the ground and I configured filters as it is shown in the attached picture. In the Sections configuration I only checked Foundcore. Check please the attached picture from the report and verify that it was included informational, low, medium and high vulnerabilities, when the filter setup was only for high and medium vulns.
Please I need your advise to understand if my MVM is not working well or I have a misunderstanding of asset reports configuration.
Asset Report Filter Config
Asset Report Sections Config
Asset Report Results
In the first screenshot, that section is meant to filter out the particular assets (scanned targets) you'd like to include in the report. Now if you look closely at the second screenshot there is a section you've left unchecked named "Vulnerability assessment". You need to check that box than follow up by clicking on the link to select the vulnerabilities. From there you would include a "Vuln Set" that is configured Med and High Sev vulnerabilities.
Hope you find that this resolves your issue.
Thanks for your reply Moniker. If Section tab will setup the "filter" to get High and Medium vulns. what is the purpose to include "Vulnerability Severity" option in Filter tab?
By the way get the report based on "Vuln Set" it is a non dynamic configuration, if a new high or medium vulnerability appears and you dont't manually update the "Vuln Set" that new vulnerabilities won't appear in following reports.
I believe the point of the vulnerability severity in the filter tab, is to allow you to include assets that have vulnerabilities matching the level you've filter for (in your case med and high). But if those assets also have low and info severities, those will also be added to the report as you've encountered and prompted this thread.
So filter tab is used for filtering the list of assets you want to appear on the report, the sections tab allows you to filter out the vulnerabilities you want to appear on the report.
As far as I know, when you use rule-based vuln sets than future vuln updates are added to the vuln set automatically. If you created you're vuln set by checking off the individual vulnerabilities, then new updates are not be included.