Chapter 3. Reports by CVEs

You can create PDF reports showing a filtered list of CVEs your systems are exposed to. Give each report a relevant name, apply filters, and add user notes to present focused data to specific stakeholders.

You can apply the following filters when setting up the PDF report:

  • Security rules. Show only CVEs with the security rules label.
  • Known exploit. Show only CVEs with the Known exploit label.
  • Severity. Select one or more values: Critical, Important, Moderate, Low, or Unknown.
  • CVSS base score. Select one or more ranges: All, 0.0-3.9, 4.0-7.9, 8.0-10.0, N/A (not applicable)
  • Business risk. Select one or more values: High, Medium, Low, Not defined.
  • Status. Select one or more values: Not reviewed, In review, On-hold, Scheduled for patch, Resolved, No action - risk accepted, Resolved via mitigation.
  • Publish date. Select from All, Last 7 days, Last 30 days, Last 90 days, Last year, or More than 1 year ago.
  • Applies to OS. Select the RHEL minor version(s) of systems to filter and view.
  • Tags. Select groups of tagged systems. For more information about tags and system groups, see System tags and groups