# Vulnerabilities

The Vulnerabilities page provides many different ways to locate and display information about vulnerabilities found on your devices, and in general. &#x20;

To access the vulnerabilities information:

* In the left navigation menu, expand **Attack Path Tools** and then select **Vulnerabilities**.

The tiles at the top of the Vulnerabilities page control which vulnerabilities are listed in the bottom half of the page. Select a color in one of the circles, and the vulnerabilities in that grouping are the ones that appear in the list. This allows you to zero in on the vulnerabilities you're most interested in.&#x20;

You can select various items in the list to display additional details about that item. For example, in the **Affected Devices** column, click on **13** to details about all 13 devices.&#x20;

<figure><img src="/files/X2s6USFxX9aLAdSikd6A" alt=""><figcaption><p>Vulnerability main display</p></figcaption></figure>

### Vulnerability Details

<figure><img src="/files/ltCDcZLQi9yaJe5VV1cU" alt=""><figcaption><p>Vulnerability detail</p></figcaption></figure>

Each vulnerability can be expanded to show additional information. As an example, CVE-2022-26486 in the image above is being used by two groups of threat actors (Shadow Crane and one other). It was discovered in this Eipiphany data set through an integration with CrowdStrike Spotlight, and is present on one device which is in one attack path.&#x20;

### Vulnerability Prioritization

The vulnerability breakdown widget shows you progressive levels of prioritization of vulnerabilities. As you select different rings of the chart, the table below will display matching vulnerabilities.&#x20;

<figure><img src="/files/GNvme94j0oGYzGitt2Cz" alt=""><figcaption></figcaption></figure>

Blue Segment - All vulnerabilities

Yellow Segment - Exploitable vulnerabilities

Orange Segment - Exploitable and actively in-use vulnerabilities

Red Segment - In Paths: Exploitable, actively used, and accessible through prioritized attack paths

{% hint style="info" %}
Best practice would be to prioritize the "In Paths" vulnerabilities, as those are practical exploits that lead to valuable identities, devices and assets within your environment.&#x20;
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.reveald.com/technical-documentation/admin-guides/epiphany-intelligence-platform-administrator-guide/epiphany-tools/vulnerabilities.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.