(As used in this volume) A network tool (hardware and/or software) that scans network devices to identify generally known and organization specific CVEs. It may do this based on a wide range of signature strategies.
Sources:
NISTIR 8011 Vol. 4
A tool (hardware and/or software) used to identify hosts/host attributes and associated vulnerabilities (CVEs, CWEs, and others).
Sources:
NISTIR 8011 Vol. 4