What does Most Seen CVEs mean?

Comments

1 comment

  • Official comment
    Avatar
    Kirsten Flores

    Hi Suzan Liu - When a CVE is detected on a specific host and/or port during a scan, each vulnerability instance has a First Seen timestamp and a Last Seen timestamp. The first time that the CVE is seen or detected on the host/port, the First Seen and Last Seen timestamps are set to the same values. When a subsequent scan detects the same CVE on the host/port, the Last Seen timestamp is updated.

    So, the “Most Seen CVEs” refers to the CVEs with the highest count of open vulnerability instances detected during the shown or selected timeframe. Specifically, the CVEs with the highest count of open vulnerability instances with Last Seen timestamps within the selected timeframe. 

    I hope that helps answer your question, but let me know if you have any additional questions!

    Comment actions Permalink

Please sign in to leave a comment.