Vulnerabilities

What is a Security Vulnerability?

A security vulnerability is a weakness an adversary could take advantage of to compromise the confidentiality, availability, or integrity of a resource.

In this context, a weakness refers to implementation flaws or to the security implications of design choices. For instance, being able to overrun a buffer’s boundaries while writing data to it introduces a buffer overflow vulnerability. Examples of notable vulnerabilities are Heartbleed, Shellshock/Bash and POODLE.

Public Vulnerability Repositories

Zero-day vulnerabilities are vulnerabilities that have not been publicly disclosed and are kept private. For known vulnerabilities, several public vulnerability repositories give interested parties easy access to information. The most prominent vulnerability repositories are CVE, NVD and OVAL. CVE has established a referencing system for registering vulnerabilities called the CVE identifier (CVE-ID). CVE-IDs usually include a brief description of the security vulnerability and sometimes advisories, mitigation measures and reports.

Vulnerability Management

Vulnerability management identifies, classifies, evaluates, and mitigates vulnerabilities. IT security professionals perform the vulnerability management process in an organised and timely manner by following the steps described below:

Preparation: Define the scope of the vulnerability management process.

Vulnerability Scanning: Vulnerability scanners are automated tools that scan a system for known security vulnerabilities and provide a report of all the identified vulnerabilities, sorted by severity. Known vulnerability scanners are Nexpose, Nessus and OpenVAS.

Identification, Classification and Evaluation of the Vulnerabilities: The vulnerability scanner provides a report of the identified vulnerabilities.

Remediating Actions: The asset owner determines which of the vulnerabilities will be mitigated.

Rescan: Once the remediating actions are completed, a rescan is performed to verify their effectiveness.
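
The steps above can be followed end to end in a short script. This is an added example, not part of the original glossary: the asset names, the VULN-x identifiers (placeholders, not real CVE-IDs), the findings and the function names are all constructed for illustration.

```python
# Added example: all assets, identifiers and findings below are constructed.
from dataclasses import dataclass

SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

@dataclass(frozen=True)
class Finding:
    asset: str
    vuln_id: str   # placeholder IDs, not real CVE-IDs
    severity: str

    @property
    def key(self):
        return (self.asset, self.vuln_id)

def report(findings, scope):
    """Preparation + scanning: drop out-of-scope assets, sort by severity."""
    scoped = [f for f in findings if f.asset in scope]
    return sorted(scoped, key=lambda f: (SEVERITY_RANK[f.severity], f.key))

def verify_rescan(first, rescan, to_mitigate):
    """Rescan: compare both reports against the asset owner's decisions."""
    before = {f.key for f in first}
    after = {f.key for f in rescan}
    return {
        "fixed": sorted((before & to_mitigate) - after),
        "still_open": sorted(to_mitigate & after),      # remediation failed
        "accepted": sorted((before - to_mitigate) & after),
        "new": sorted(after - before),                  # appeared since scan 1
    }

SCOPE = {"web01", "db01"}                               # defined in Preparation
FIRST_SCAN = [
    Finding("web01", "VULN-A", "high"),
    Finding("db01", "VULN-B", "critical"),
    Finding("web01", "VULN-C", "low"),
    Finding("lab07", "VULN-A", "high"),                 # outside the scope
]
TO_MITIGATE = {("db01", "VULN-B"), ("web01", "VULN-A")}  # owner's decision
RESCAN = [
    Finding("web01", "VULN-A", "high"),                 # fix did not take
    Finding("web01", "VULN-C", "low"),                  # risk was accepted
    Finding("web01", "VULN-D", "medium"),               # newly detected
]

if __name__ == "__main__":
    first = report(FIRST_SCAN, SCOPE)
    for f in first:
        print(f.severity, f.asset, f.vuln_id)
    print(verify_rescan(first, report(RESCAN, SCOPE), TO_MITIGATE))
```

A non-empty "still_open" list means the remediating actions were not effective and the finding goes back to the asset owner.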

Source: https://www.enisa.europa.eu/topics/csirts-in-europe/glossary/vulnerabilities-and-exploits