Skip to main content
Skip table of contents

Vulnerability Database View

Purpose

This document describes the Vulnerability Database View

Introduction

A Vulnerability Database is a centralized repository that collects, maintains, and communicates information about security vulnerabilities in software, hardware and network systems. The primary goal of a vulnerability database is to provide up-to-date information about known vulnerabilities, allowing customers to assess risks, prioritize patching, enhance their cybersecurity posture, and mitigate threat impacts.
Each entry in a vulnerability database typically contains :

  • A unique identifier CVE (Common Vulnerabilities and Exposures), that categorizes and labels each vulnerability.

  • A detailed explanation of the vulnerability, including its nature, impact, affected systems, and potential exploits.

  • The potential impact or risk level, which helps prioritizing vulnerabilities.

  • Recommendations for remediation or mitigation of the vulnerability, such as patches, updates, or workarounds.

Customers can leverage the vulnerability database as a reference for scan reports, allowing them to promptly implement security measures and ensure their systems remain consistently protected against emerging threats.

Accessing the Vulnerability Database

To access the Vulnerability Database:

  1. Log in to the Portal.

  2. In the main menu, go to Findings > Vulnerability Database.

    Portal_Findings_VulnDb_Menu.png

  3. The Vulnerability Database is displayed with CVE, Name, CVSS v2 Score, CVSS v3 score,… as default columns.

    Portal_Findings_VulnDb_Overview.png

  4. The Vulnerability Database table can be configured by using the Columns, Filter, and View template.

    checks.png

  5. Clicking on each row reveals more information about the vulnerability, such as details, exploits, and comments.

Details Tab

The Details tab shows the name, description, and solution of the selected vulnerability database. The CVSS v2 score and CVSS v3 score are also displayed. The numerical score can then be translated into a qualitative representation such as Low, Medium, High, and Critical.

Portal_Findings_VulnDb_DetailsTab.png

Option

Description

CVE

The Common Vulnerabilities and Exposures (CVE) identifier is an alphanumeric string that identifies a Publicly Disclosed vulnerability.

CVSS Score

The Common Vulnerability Scoring System (CVSS) is the industry standard for assessing the severity of security vulnerabilities. The CVSS Score provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation such as Low, Medium, High, and Critical to help organizations properly assess and prioritize their vulnerability management processes.

CVSS score range.

  • CRITICAL - 9.0-10.0

  • HIGH - 7.0 - 8.9

  • MEDIUM - 4.0 - 6.9

  • LOW - 0.1 - 3.9

  • RECOMMENDATION - 0

  • UNKNOWN

The CVSS v2 Scores are based on Access Vector, Access Complexity, Authentication, Confidentiality, and Integrity, Availability.

The CVSS v3 Scores are based on Access Vector, Access Complexity, Privileges Required, User Interaction, Scope, Confidentiality, Integrity, Availability, Exploit Code Maturity, and Remediation Level Report Confidence

Description

The Description field explains the vulnerability in simple terms.

Solution

This field provides a solution on how to mitigate the vulnerability.

Exploits Tab

The Exploits tab shows any known public exploits from various sources. It also shows the Farsight score – an easier way to address vulnerabilities that are relevant and may impact an organization irrespective of the CVSS score or the presence of an exploit for a vulnerability.

Portal_Findings_VulnDb_ExploitsTab.png

Option

Description

Farsight

Score

A risk indicator that shows how much more likely a vulnerability is to be exploited compared to average. The risk indicator presents the likelihood values in an 1-100 format.

Delta

The difference between the current and the former likelihood score values.

Update date

The date of when the Farsight Risk value was updated.

Threat activity

The last time the threat activity was detected by the watcher community.

Exploits

Source

The source of the vulnerability information.

CVE

The CVE identifier is an alphanumeric string that identifies a Publicly Disclosed vulnerability.

Name

The name of the Vulnerability.

URL

A link to the vulnerability information at the source.

Comments Tab

The Comments tab allows you to have internal discussions about the vulnerabilities. You can start discussions, reply to comments, and delete comments and discussions.

Portal_Findings_VulnDb_ComentsTab.png

Comments Notification

Customers can manually set up an email/notification to notice when a new comment is created on a vulnerability.
1. Go to Configuration > Notification Settings

image-20240904-065708.png
  1. Click on the green plus (plus) button at the bottom right of the screen. A side tab will be opened for customers to create a new notification trigger.

    1. Enter a Name for the notification.

    2. Set Trigger to Comment created.

    3. Set Entity type to Check.

    4. For Integration, there are two types: E-mail and Web notification.

    5. Add the e-mail addresses to the users who will receive the notifications. This field is only available for the Email type of Integration.

    6. Enter a Subject and Content. We support a Jinja2 template with a lot of variables and built-in functions.

      Portal_VulnDb_Comments_Notification.png

  2. Click the blue Add button in the lower right corner to save the Notification setting.

See Event Notifications for more information on Notifications and Notification Settings as well as templates and use cases.

After creating the configuration, the recipients receive a notification for every new comment on the vulnerabilities based on the trigger integration
type.

Portal_VulnDb_Comments_Notification_Result.png
Portal_VulnDb_Comments_Notification_Mail.png

Reference

  1. CVE - CVE (mitre.org)

  2. Common Vulnerability Scoring System SIG (first.org)

  3. https://jinja.palletsprojects.com/en/2.11.x/templates/

Related Articles (Edited by Documentation Team)




Copyright

© 2024 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.