View Findings Details

The Findings Details drawer provides a complete, in-depth profile of an individual vulnerability detected in your environment on a specific Resource. It consolidates metadata, context, remediation details, and security insights in one place, helping security teams quickly assess and prioritize the risk of the Finding.

Technical Preview: This feature is currently in rapid development and may change frequently.

Overview

This page offers a comprehensive investigation panel for a specific finding, including:

  • Finding metadata and affected asset metadata.
  • Full vulnerability description and CVE background.
  • Context indicators like exploitability and fix availability.
  • Threat intelligence insights (CISA KEV, ransomware use).
  • Remediation guidance for the individualized Finding.
  • Actions like Create Ticket and Accept Finding are readily available to initiate workflows and drive Remediation.

Highlights

The Highlights section of the Findings Details drawer is an overview of the Vulnerability in your environment, providing context to help you prioritize and understand the risk of the Finding as it relates to your infrastructure.

All Affected Resource Summary

  • Affected Resource: Provides the affected resource's name and a link to the Resource Details drawer.
  • Zones: The zone the resource belongs to.
  • Remediations: If a fix is available, provides a link to the [Remediations](#remediations) section of the Findings Details drawer.

Description

This section provides a detailed narrative about the vulnerability, with high-level overviews provided by Sysdig’s Vulnerability Feeds, including but not limited to:

  • Background on the software or component affected
  • Description of how the vulnerability can be exploited
  • Timeline of discovery, fixes, or regressions
  • Recommendations for mitigating risk if immediate patching is not possible

CVE Details

| Field | Value | Description |
|---|---|---|
| Finding Name | CVE-2024-41110 | The official CVE identifier assigned to this vulnerability, providing a link to CVE 360. |
| Severity | Critical | The risk level of the vulnerability based on CVSS score and external feeds. Provides a clickable link to the Vulnerability Feeds section. For more information, see Vulnerability Feeds. |
| Context | Exploitable, Has Fix, In-Use | Indicates whether the vulnerability is actively exploitable, whether a fix is available, and whether it is In-Use. |
| Disclosure Date | Tue, Jul 30, 2024 at 03:18:57 AM | The date the vulnerability was publicly disclosed by the matched vendor. For more information, see Vulnerability Feeds. |
| EPSS | 0.00% | The Exploit Prediction Scoring System score, estimating the probability of exploitation. |
| EPSS Percentile | 0.00% | The percentile rank of this CVE relative to other known vulnerabilities. |
| Package | github.com/docker/docker v24.0.7+incompatible | The software package and version in which the vulnerability exists. |
| Package Type | Golang | The language or ecosystem of the affected package. |
| Package Path | /usr/bin/dive | The filesystem location where the package was detected on the impacted resource. |
| Finding Discovered | Mon, Apr 28, 2025 at 09:08:18 AM | Timestamp when this specific finding was first observed in your environment on the affected resource. |
| Fix Available Since | Mon, Jul 22, 2024 at 05:00:00 PM | Date and time when a fix became available for this CVE from the matched vendor. For more information, see Vulnerability Feeds. |

Remediations

Vulnerability Finding remediations are specific to the individual Finding. This section provides the following data about the underlying issue and the fix version provided by the matched vendor.

| Field | Example Value | Description |
|---|---|---|
| Fix Available Since | July 22, 2024 | The date when a vendor-provided or validated fix became available for this vulnerability from the matched vendor. For more information see Vulnerability Feeds. |
| Fix Suggestion | Upgrade package to v25.0.6 | Recommended action to remediate the vulnerability, typically by upgrading to a fixed version. For more information see Vulnerability Feeds. |
| Resource to Fix | registry.k8s.io/kops/kops-controller:1.28.5@sha256:07e40a04b4f8f3dfedfdfff6... | The specific container image or runtime resource where the fix should be applied. |
| Package | github.com/docker/docker | The affected software package that should be updated. |
| Package Path | /ko-app/kops-controller | Filesystem location within the container or runtime where the package is installed. |
| Package Type | Golang | The programming language or ecosystem the package belongs to (e.g., Golang, Debian, RPM). |

Security Feeds

Sysdig consolidates insights from multiple trusted security feeds to enhance vulnerability context. On the Vulnerability Findings page, each vulnerability includes detailed information sourced from all available feeds to support faster, more informed decision-making.

Each feed includes the following data:

| Field | Example Value | Description |
|---|---|---|
| Feed | VulnDB | The security feed that provided this vulnerability information. |
| Severity | Critical | The severity level assigned by the feed based on its own scoring methodology. |
| CVSS Score v3 | 9.8 (v3.1) | CVSS v3 score as provided by the feed, if available, indicating criticality using the older scoring system. |
| CVSS Score v2 | 9.3 (v2) | CVSS v2 score assigned to the vulnerability if available, indicating criticality using the older scoring system. |
| Vendor Links | CVE-2024-41110 | Links to external vendor advisories, if provided by the feed. |
| Published Date | 17/04/2024 | The date the vulnerability information was published by the feed. |

For more information see Vulnerability Feeds.