Overview

The Early Warning Report displays vulnerabilities that Mend has identified automatically and that are undergoing a certification review by the Mend research team. Once certified, they are removed from this report and appear in the Vulnerabilities Report instead. Certified vulnerabilities trigger the creation of alerts and, depending on the user’s configuration, might also trigger policy matching with the libraries in which they appear.

Accessing the Report

  1. From the main menu, select Reports > Early Warning. The Early Warning Report page is displayed.

  2. Select the scope for which the report should be created. The default scope is Organizational; however, you can select any individual product and/or project for your data scope from the dropdown menus next to the report name. Do as follows:

    1. Open the All Products dropdown menu and select the product on which you want to base the report. 

    2. If you want to base the report on specific projects, open the All Projects dropdown menu and select one or multiple projects in the selected product.

    3. Click Apply and wait for the data to load into the report table.

  3. To further filter the report in order to view library properties with a specific value, do the following:

    1. Expand the Filter area, select a property from the By dropdown menu, and enter a Value by which to filter.
      The property options are: Library, Library Type, Severity, and Source File.

    2. Click Filter.

The Early Warning Report is generated.

Understanding the Report Data

The Early Warning Report provides a table with the following columns of information:

NOTE: The information about these vulnerabilities might not be as complete as that for certified vulnerabilities; therefore, some columns in the report might not contain any data.

  • Severity: The severity of a vulnerability ranges from 0 to 10, with three severity levels for CVSS2 and five severity levels for CVSS3, as displayed below:

    CVSS v2.0 Ratings                CVSS v3.0 Ratings
    Severity   Base Score Range      Severity   Base Score Range
    -          -                     None       0.0
    Low        0.0-3.9               Low        0.1-3.9
    Medium     4.0-6.9               Medium     4.0-6.9
    High       7.0-10.0              High       7.0-8.9
    -          -                     Critical   9.0-10.0

  • Library: The library that was detected as vulnerable. Clicking the library name opens its Library Details page.

  • Early Warning ID: The early warning identifier. Clicking the 'Early Warning' link displays the vulnerability details, a link to the MITRE source, the CVSS3 base score metrics (when available), a link to the library's CVE web page (when relevant), and a fix (if one exists).

  • Source File: File where the vulnerability was found.

  • CVSS Score: The vulnerability's Common Vulnerability Scoring System (CVSS) score.

  • CVSS Type: CVSS 1, CVSS 2, etc. Refer here for more information.

  • Creation Date: The date when the vulnerability was created.

  • Modified Date: The date when the vulnerability was last modified.

  • Product: The product where the vulnerability was found.

  • Project: The project where the vulnerability was found.

  • Confidence Score: The estimation of how certain the algorithm is that the newly identified CVE is a legitimate vulnerability.

NOTE: Clicking any column header sorts the table in ascending order. Clicking the same column header again sorts it in descending order. For example, clicking on the first column, Severity, sorts the report from high vulnerabilities to low in descending order.

This page is available at: https://docs.mend.io/bundle/sca_user_guide/page/the_early_warning_report.html