Vulnerability Database View
Purpose
This document describes the Vulnerability Database View
Introduction
A Vulnerability Database is a centralized repository that collects, maintains, and disseminates information about security vulnerabilities in software, hardware and network systems. The primary goal of a vulnerability database is to provide up-to-date information about known vulnerabilities, allowing customers to assess risks, prioritize patching, enhance their cybersecurity posture, and mitigate threat impacts.
Each entry in a vulnerability database typically contains :
A unique identifier CVE (Common Vulnerabilities and Exposures), that categorize and label each vulnerability.
A detailed explanations of the vulnerability, including its nature, impact, affected systems, and potential exploits.
The potential impact or risk level which help prioritize vulnerabilities.
Recommendations for remediation or mitigation of the vulnerability, such as patches, updates, or workarounds.
Customers can leverage the vulnerability database as a reference for scan reports, allowing them to promptly implement security measures and ensure their systems remain consistently protected against emerging threats.
Accessing the Vulnerability Database
To access the Vulnerability Database:
Login to the Portal.
Go to Finding > Vulnerability Database in the main menu.
The Vulnerability Database is displayed with CVE, Name, CVSS v2 Score, CVSS v3 score,… as default columns.
The Vulnerability Database table can be configured by using the Columns, Filter, and view template.
To learn more about Columns , Filters, and View templates, see respective documentation.
Clicking on each row reveals more information about the vulnerability such as details, exploits, and comments.
Details Tab
The Details tab shows the name, description, and solution of the selected vulnerability database. The CVSS v2 score and CVSS v3 score are also displayed. The numerical score can then be translated into a qualitative representation ( Low, Medium, High, and Critical).
Option | Description |
|---|---|
CVE | The Common Vulnerabilities and Exposures (CVE) identifier is an alphanumeric string that identifies a Publicly Disclosed vulnerability. |
CVSS Score | The Common Vulnerability Scoring System (CVSS) is the industry standard for assessing the severity of security vulnerabilities. The CVSS Score provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as Low, Medium, High, and Critical) to help organizations properly assess and prioritize their vulnerability management processes. CVSS score range.
|
The CVSS v2 Scores are based on Access Vector, Access Complexity, Authentication, Confidentiality, Integrity, Availability | |
The CVSS v3 Scores are based on Access Vector, Access Complexity, Privileges Required, User Interaction, Scope, Confidentiality, Integrity, Availability, Exploit Code Maturity, Remediation Level Report Confidence | |
Description | The Description field explains the vulnerability in simple terms. |
Solution | This field provides a solution on how to mitigate the vulnerability. |
Exploits Tab
The exploits tab shows any known public exploits from various sources. It also shows the Farsight score - an easier way to address vulnerabilities that are relevant and may impact an organization irrespective of the CVSS score or the presence of an exploit for a vulnerability.
Option | Description |
|---|---|
Farsight | |
Score | Risk indicator that shows how much more likely a vulnerability is to be exploited compared to average. The risk indicator present the likelihood values in an 1-100 format. |
Delta | The difference between the current and the former likelihood score values. |
Update date | Date when the Farsight Risk value was updated. |
Threat activity | Last time date when threat activity has been detected by the watcher community. |
Exploits | |
Source | Source of the vulnerability information. |
CVE | The CVE identifier is an alphanumeric string that identifies a Publicly Disclosed vulnerability. |
Name | Name of the Vulnerability. |
URL | Link to the vulnerability information at the source. |
Comments Tab
The Comments tab allows you to have internal discussions about the vulnerabilities. You can start discussions, reply to comments, and delete comments and discussions.
Comments Notification
Customers can manually set up an email/notification to notice when a new comment is created on a vulnerability.
1. Go to Configuration > Notification Settings
Click on the Plus Button at the bottom right of the screen. A side tab will be opened for customers to create a new notification trigger.
Enter a Name for the notification.
Set Trigger to Comment created.
Set Entity type to Check.
For Integration, there are two types: E-mail and Web notification.
Add the users e-mail addresses who will receive notifications. This field is only available for Email type of Integration.
Enter Subject and Content. We are supporting Jinja2 template with a lot of variables and built-in functions.
Click the blue Add button in the lower right corner to save the Notification setting.
After creating the configuration, the recipients receives a notification for every new comment on vulnerabilities based on the trigger integration
type.
Reference
Related Articles (Edited by Documentation Team)
Copyright
© 2024 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Trademark
Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.