Topic
This article explains how to view vulnerability and CVE data on the NinjaOne dashboards.
Environment
NinjaOne Vulnerability Management
Description
You can view vulnerabilities from several locations, including the System, Organization, and Device Dashboards.
Select a category to learn more:
Dashboard Vulnerabilities Tab
This tab is available on the System, Organization, and Device Dashboards. The page groups data by CVE, with each row of the dashboard's table representing a single CVE and the related devices. This data is filtered by the set of devices visible to the calling user, so the dashboard shows only counts of those devices.
- Click the number in the Managed devices or Unmanaged devices column to navigate to the Devices search page, where NinjaOne filters the device list to display devices related to the specified CVE ID. From here, you can run automations, create scheduled tasks, and more. Refer to Find and Manage Endpoints from the Devices Search Page for more information.
- Unmanaged devices reflect data that NinjaOne could not map to an existing device.
- Click the number in the Organizations column to open a modal that lists all organizations impacted by that CVE ID. If you click the organization name in the modal, you will navigate to the Devices search page, where NinjaOne filters to show all devices in that organization affected by the CVE.
- Click the KB link in the Remediations column to view whether the remediation is pending, approved, rejected, or failed.
Dashboard Health Status
Move your cursor over icons next to the organization name on the system dashboard to view the number of devices affected by vulnerabilities and their risk levels.
Click the numbered links in the Device health issues widget on the system or organization dashboard to view vulnerability details. You will navigate to the Devices search page, which NinjaOne filters to show the affected devices; from there, you can perform various device actions. Refer to our Find and Manage Endpoints from the Devices Search Pages article to learn more.
The device dashboard displays a Health Issues widget if an active vulnerability or threat is present. Click the action menu (ellipsis) on the right side of the health status and then click Navigate to vulnerabilities tab.
CVE Details
Click the hyperlink in the CVE ID column. This action opens a new page that provides risk information, the CVSS score, scan group information, impacted sources, impacted devices, and references.
- Click the device, organization, or location name to navigate to that applicable dashboard in NinjaOne.
- Access vulnerability remediation in the Patching status widget by clicking the number that displays in the Pending, Approved, Rejected, or Failed columns. You will navigate to the applicable OS Patching data dashboard to take action.
- The link next to the CVE number will take you to the National Vulnerability Database, which provides enrichment data for the CVE record and improves troubleshooting efficiency.
- If you are accessing this page from the System or Organization Dashboard, an additional section will be available for Total devices impacted. When opened from the Organization Dashboard, this section shows all devices managed by the organization that contain the selected CVE. When opened from the System Dashboard, this section includes both managed and unmanaged devices separated by tabs.
- You can click the device name hyperlink to navigate to the Device Dashboard.
Additional Resources
Refer to the following resources to learn more about vulnerabilities and patching in NinjaOne: