Issues Vulnerabilities

Horizon allows you to see the broader picture by providing a list of vulnerabilities. This list entails the vulnerabilities found during the scan along with their instances. The instances refer to the number of times that an issue has occurred for a specific vulnerability.

After running an Application Scan on the target, you can see a list of Vulnerabilities under Issues>Vulnerabilities.

List of Vulnerabilities

1. Vulnerability

2. Severity

3. CWE ID

4. WASC ID

5. Instances

Filters

Select Target

In case you have multiple targets, you can filter them to get target-specific results using this feature.

Click Select Target and select any one of the options you wish to filter.

Vulnerability Details

1. Vulnerability

This column lists the different vulnerabilities discovered during the scan. If you click on any of the listed vulnerabilities, you are directed to the Issues overview page where you can see all the issues related to this vulnerability.

Note - On the issues overview page, the issues listed are filtered by the status- Active and Confirmed.

2. Severity

This indicates the seriousness of the Vulnerability.

The severity of a selected vulnerability can be

1. High

2. Medium

3. Low or

4. Informational

3. CWE ID

Horizon provides the CWE ID for respective vulnerabilities. CWE provides a common language for describing and discussing software security weaknesses by assigning a unique identifier (CWE ID) to each weakness.

4. WASC ID

Horizon provides the WASC ID for respective vulnerabilities. WASC provides a standardized way of identifying and categorizing web application security threats through its WASC Threat Classification, which assigns a unique identifier (WASC ID) to each threat.

5. Instances

This column displays the number of issues that correspond to each Vulnerability.

Next Steps

Digital Footprint Feed & Recommendations