What do the different values and information for vulnerabilities in the knowledgebase mean?
Here is information about the different values and information for vulnerabilities in the knowledgebase.
The knowledgebase contains vulnerabilities for network and web application scanning.
The name/short description of the vulnerability.
Example: FOG Server Multiple Vulnerabilities
The Holm Security VMP severity level indicates how serious the vulnerability is. The severity level is a translation from the CVSS Score (see "CVSS Base"). To make the severity level quick and easy to recognize, each level has a related color.
The severity levels and colors are as follows:
- Info Blue
A vulnerability that is not likely to mean that you are exposed to a potential threat.
- Low Green
Low level of severity. In most cases does not mean that you are exposed to a potential threat.
- Medium Yellow
Medium level of severity. Can mean that you are exposed to a potential threat.
- High Orange
High level of severity. In most cases you are exposed to a potential threat.
- Critical Red
Critical level of severity. You are exposed to a threat, with only a few exceptions.
Discover method describes which method was used to discover the vulnerability.
- Remote Only
Detected only using remote, unauthenticated scanning.
- Authenticated Only
Detected only using authenticated scanning.
- Remote or Authenticated
Detected using remote, unauthenticated scanning or authenticated scanning.
Ignore, this information will be removed in later versions.
The time when the vulnerability was published.
When the vulnerability was modified.
The HID (Holm Security ID) is a unique identifier for all vulnerabilities in Holm Security VMP.
The category for the vulnerability.
A unique ID for the vulnerability commonly used by different software providers and vendors. Read more about CVE here (external website):
Information from the software provider or similar.
Example: http://www.securityfocus.com/bid/67899, http://openssl.org/
Bugtraq ID is the unique ID given to vulnerabilities by SecurityFocus. Read more here (external website):
Whether a patch is available.
The Common Vulnerability Scoring System (CVSS) is an open framework for communicating the characteristics and severity of software vulnerabilities. CVSS consists of three metric groups: Base, Temporal, and Environmental. The Base group represents the intrinsic qualities of a vulnerability, the Temporal group reflects the characteristics of a vulnerability that change over time, and the Environmental group represents the characteristics of a vulnerability that are unique to a user's environment. The Base metrics produce a score ranging from 0.0 to 10.0, which can then be modified by scoring the Temporal and Environmental metrics. A CVSS score is also represented as a vector string, a compressed textual representation of the values used to derive the score.
The CVSS Score is translated into a severity level (see headline "Severity level") in Holm Security VMP to simplify the vulnerability levels.
Translation from CVSS Score to Holm Security severity levels:
- 0: Info
- 0.1–2.0: Low
- 2.1–5.0: Medium
- 5.1–8.0: High
- 8.1–10: Critical
CVSS Access Vector
The access vector shows how a vulnerability may be exploited.
- Local
The attacker must either have physical access to the vulnerable system (e.g. FireWire attacks) or a local account (e.g. a privilege escalation attack).
- Adjacent Network
The attacker must have access to the broadcast or collision domain of the vulnerable system (e.g. ARP spoofing, Bluetooth attacks).
- Network
The vulnerable interface is working at layer 3 or above of the OSI network stack. These types of vulnerabilities are often described as remotely exploitable (e.g. a remote buffer overflow in a network service).
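The CVSS Base and CVSS Access Vector fields above are both derived from the vector string. As an added example (not Holm Security's code and not how the VMP itself is implemented), the following Python parses a CVSS v2 base vector, computes the base score with the weights from the CVSS v2 specification, names the access vector, and applies the score-to-severity translation listed under "CVSS Base". The sample vectors are constructed, and the input validation and rounding behaviour are my own assumptions about how such a helper would be written.

```python
from decimal import Decimal, ROUND_HALF_UP

# CVSS v2 base-metric weights, as given in the CVSS v2 specification.
AV_WEIGHT = {"L": Decimal("0.395"), "A": Decimal("0.646"), "N": Decimal("1.0")}
AC_WEIGHT = {"H": Decimal("0.35"), "M": Decimal("0.61"), "L": Decimal("0.71")}
AU_WEIGHT = {"M": Decimal("0.45"), "S": Decimal("0.56"), "N": Decimal("0.704")}
CIA_WEIGHT = {"N": Decimal("0.0"), "P": Decimal("0.275"), "C": Decimal("0.660")}
# Access vector codes and the names used on this page.
AV_NAME = {"L": "Local", "A": "Adjacent Network", "N": "Network"}

REQUIRED = (("AV", AV_WEIGHT), ("AC", AC_WEIGHT), ("Au", AU_WEIGHT),
            ("C", CIA_WEIGHT), ("I", CIA_WEIGHT), ("A", CIA_WEIGHT))


def parse_vector(vector: str) -> dict:
    """Parse a CVSS v2 base vector such as 'AV:N/AC:M/Au:N/C:P/I:P/A:P'.

    Surrounding parentheses, as in '(AV:N/...)', are tolerated. Raises
    ValueError on a malformed part, a missing base metric or an unknown value.
    """
    metrics = {}
    for part in vector.strip().strip("()").split("/"):
        key, sep, value = part.partition(":")
        if not sep:
            raise ValueError(f"malformed metric: {part!r}")
        metrics[key] = value
    for key, table in REQUIRED:
        if key not in metrics:
            raise ValueError(f"missing base metric: {key}")
        if metrics[key] not in table:
            raise ValueError(f"unknown value {metrics[key]!r} for {key}")
    return metrics


def is_valid_vector(vector: str) -> bool:
    """True if the vector parses as a complete CVSS v2 base vector."""
    try:
        parse_vector(vector)
        return True
    except ValueError:
        return False


def round_to_1_decimal(value: Decimal) -> Decimal:
    """CVSS v2 rounding: one decimal place, halves rounded up."""
    return value.quantize(Decimal("0.1"), rounding=ROUND_HALF_UP)


def base_score(vector: str) -> Decimal:
    """Compute the CVSS v2 base score (0.0 to 10.0) from a base vector string."""
    m = parse_vector(vector)
    impact = Decimal("10.41") * (
        1 - (1 - CIA_WEIGHT[m["C"]]) * (1 - CIA_WEIGHT[m["I"]]) * (1 - CIA_WEIGHT[m["A"]])
    )
    if impact == 0:
        # f(Impact) is 0 when there is no impact at all, so the score is 0.0.
        return Decimal("0.0")
    exploitability = 20 * AV_WEIGHT[m["AV"]] * AC_WEIGHT[m["AC"]] * AU_WEIGHT[m["Au"]]
    raw = (Decimal("0.6") * impact + Decimal("0.4") * exploitability - Decimal("1.5")) * Decimal("1.176")
    return round_to_1_decimal(raw)


def access_vector_name(vector: str) -> str:
    """Return 'Local', 'Adjacent Network' or 'Network' for the vector's AV metric."""
    return AV_NAME[parse_vector(vector)["AV"]]


def severity(score) -> str:
    """Translate a CVSS score into the severity level using the thresholds on this
    page: 0 Info, 0.1-2.0 Low, 2.1-5.0 Medium, 5.1-8.0 High, 8.1-10 Critical."""
    s = round_to_1_decimal(Decimal(str(score)))
    if s < 0 or s > 10:
        raise ValueError(f"CVSS score out of range: {score}")
    if s == 0:
        return "Info"
    if s <= Decimal("2.0"):
        return "Low"
    if s <= Decimal("5.0"):
        return "Medium"
    if s <= Decimal("8.0"):
        return "High"
    return "Critical"


def describe(vector: str) -> dict:
    """The knowledgebase-style view of one vector: base score, level and access vector."""
    score = base_score(vector)
    return {"vector": vector, "cvss_base": str(score),
            "severity": severity(score), "access_vector": access_vector_name(vector)}


if __name__ == "__main__":
    # Constructed sample vectors, not taken from any particular advisory.
    for v in ("AV:N/AC:L/Au:N/C:C/I:C/A:C", "AV:N/AC:M/Au:N/C:P/I:P/A:P",
              "AV:L/AC:L/Au:N/C:P/I:N/A:N", "AV:A/AC:L/Au:N/C:N/I:N/A:N"):
        print(describe(v))
```

Decimal arithmetic is used so that the CVSS "round to one decimal, halves up" rule is applied exactly; with binary floats a score such as 8.05 can round down and land in the wrong severity band. The severity thresholds are checked on the rounded one-decimal score, which is what the knowledgebase displays.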
The software affected by the vulnerability.
Example: OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m and 1.0.1 before 1.0.1h
The impact the vulnerability has.
Example: Successfully exploiting this issue may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks.
Solution for the vulnerability.
Example: Updates are available.