Issue Information tab

The first tab of the Detail pane summarizes the information available.

During scanning, as issues are discovered and added to the tree, the Issue Information tab provides a summary of the information available on the other Detail pane tabs, as well as valuable additional information such as CVSS Metric scoring for the issue, and relevant screen captures, that can be saved with the results and included in your reports.


The Issue Information tab

Area/Icon

Description

Header Issue header including URL, Entity and Security Risk (High, Medium, Low or Informational).
CVSS Metrics score An average score based on the three CVSS metrics groups: Base, Temporal and Environmental. Click on the link to edit (see CVSS settings).

the Edit Issue Information icon
Enables you to include screen captures, other relevant images of your choice, and your own comments with the scan results, and include them in reports (see Editing Issue Information).
Tip (yellow box) This information refers to the Content area (below) and explains what to look out for in the image(s) or HTML that appear there.
Content (screen capture(s) or HTML code) Depending on the issue, this area may include a screen capture, two screen captures for comparison, a screen capture with a simulated pop-up, or HTML code. In the case of HTML, you can toggle text wrap on and off by clicking the Wrap icon at the top right of the content area.
Reasoning (blue box) Explains what AppScan did, and why it thinks this is an issue.
Technical summary (gray box) The technical details of what AppScan did to test for this issue, and how it validated the response.

Issue Information toolbar

The toolbar above the Detail pane shows the current severity of the selected issue, and its state, and lets you toggle between issues.

  • Severity: Select one of the four standard severity settings, or manually adjust the CVSS settings for this issue.
  • State: Options are "Open" or "Noise". Default is Open. Select Noise for issues that are unimportant to you. By default, results designated as Noise appear in the Result List with a line through them. To remove them from the display altogether, deselect Tools > Show Issues Marked as Noise.