Vulnerability Management
The views under Vulnerability Management bring together all information about detected Common Vulnerable Exposures (CVEs), as well as possible vulnerabilities in your IT, in one central location.
Last updated
The views under Vulnerability Management bring together all information about detected Common Vulnerable Exposures (CVEs), as well as possible vulnerabilities in your IT, in one central location.
Last updated
At a glance you can see which softwares are particularly affected by CVEs. On the one hand you get a pie chart of the 10 softwares with the highest CVE vulnerability. While on the other side you get the listing of the 10 softwares with the most dangerous CVEs. The assigned vulnerability of these can be traced back to the associated Common Vulnerability Exoposure Scoring System (CVSS) score. Especially high CVE scores require your attention and possibly a review of your previous patch management.
Here you will find the CVEs with the highest occurrence on your systems, the criticality level behind them refers to the classification according to the CVSS score. Next to it is the summed risk level, which is the result of the original CVSS score times the number of affected hosts.
Use the additional view to get a quick overview of the most dangerous vulnerabilities in your IT. By looking at the detailed view, you can see which assets are affected by them and where your next priorities should be.
The overview presented here is particularly useful for checking your own security measures for success. The breakdown of CVEs found according to urgency gives you a good overall view of the actual security status of your IT.
This section informs you about those assets that have the highest overall risk score when summing up your CVEs and the corresponding CVSS score. In the right view you will find this information visualized once again. The higher up on the right an asset is, the more CVE findings there are on that device and the higher the risk score on that host. Assets with this ranking usually need a lot and urgent increase in security measures. The closer an asset gets to the lower left corner, the fewer (critical) vulnerabilities it usually has. Zoom in on a specific time period to analyze accumulations within that time. Double-click on the view to return to the initial view.
Under the item current warnings, the latest warnings from the BSI are issued to you and assigned to affected CVEs within your systems. As before, the summed risk at the end refers to the assigned CVSS score multiplied by the number of affected assets. Use this view to close or respond to just emerging vulnerabilities in your systems at an early stage.
The CVE database provides you with a comprehensive overview of all CVEs occurring within your systems. In the default setting, only manually unhandled results are displayed. If you want to display all results, delete these filters in the upper bar. In addition, you can still filter the results using the free text field or fall back on provided filters. Click on a CVE to display detailed information about the CVE in question.
Within the detail view you get the broken down components that make up the CVSS score:
Access Vector
Network
Vulnerability can be exploited remotely.
Adjacent
Can only be exploited via neighboring network. Attack must originate from the same network.
Local
Cannot be exploited over network. Attack must be local or remote.
Physical
Attackers need physical access to system.
Access Complexity
Low
Exploitation of the vulnerability does not require any special preconditions.
High
Preconditions for successful attack are required that cannot be controlled by attackers.
Privileges required
None
No special privileges required.
Low
Access rights of a normal user required.
High
Administrative rights or similar privileges required.
Scope
Unchanged
Exploited vulnerability limited in damage only to local security instance.
Changed
Exploited vulnerability can affect other component (without belonging to the same security instance).
Confidentiality Impact
None
No disclosure of information.
Low
Attacker gains partial access to information.
High
Attacker gains full access to all information.
Integrity Impact
None
No loss of data integrity.
Low
Subset of information can be changed but without impact on entire system.
High
Attacker can change information on target system. Leads to complete loss of integrity.
Availability Impact
None
No loss of availability.
Low
Availability may be temporarily limited or performance negatively affected.
High
Availability of the affected system/information gets lost.
User Interaction
Non
No user interaction required.
Required
User must perform at least one step to execute vulnerability.
Use the collection of affected references to plan your next steps. Clicking on an individual host takes you to the host details view and shows you which additional vulnerabilities affect the host. In particular, reconsider your patch management of those hosts that have numerous CVEs listed.
If you scroll down a bit, you will come across the Common Weakness Enumeration (CWE) of the vulnerability. Here you can expect the unique identifier of known vulnerabilities in software and hardware and the summary of possible measures as well as examples.
