1.5 KiB
1.5 KiB
Classes of Vulnerabilities
- Design: Weaknesses in Software Specifications
- Implementation: Technical security bugs found in code
- Operational: Improper config and deployment of system in environment
Operational Vulnerability is likely the worst
Types of Vulnerabilities
- Local Vulnerability: attacker requires local access to trigger the vulnerability - using a malicious piece of code attacker could escalate access privileges.
- Remote Vulnerability: attacker has no prior access to system - executing a malicious piece of code over the network could give attacker access.
Quantification of Vulnerabilities
CVSS: Common Vulnerability Scoring System
- Uses principle characteristics of a vulnerability to produce a numerical score reflecting severity. Can be translated into qualitative representation (low->critical) to help organisations assess and prioritise vulnerability management processes
- https://www.first.org/cvss
Attack Patterns
CAPEC: Common Attack Pattern Enumeration and Classification
- Catalogue of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other capabilities.
- https://capac.mitre.org/
Search for Vulnerabilities
Vulnerability Scanning
- Process of using automated tools to discover and identify vulnerabilities in a network
- Range from simple scripts to commercial software engines that scan for thousands of vulnerabilities
- Can generate alot of traffic, and may result in denial of service on many devices.