When we talk about CVE, we talk about vulnerabilities in IT systems and networks. CVE is the abbreviation for  "Common Vulnerabilities and Exposures" and are basically vulnerabilities which are documented and made publicly available through the website of MITRE.

The necessity to provide a centralised overview of vulnerabilities

CVE originated from a necessity to provide a centralised overview of vulnerabilities in computer systems and networks, as in the past multiple of such databases existed - which were not aligned and with each of them their own naming convention. The CVE database can be found on MITRE's website and is searchable based on a CVE ID. Each vulnerability has its own CVE ID. Based on these CVE IDs, more details related to the vulnerability can be found via CVE Details. An example of such a documented vulnerability is POODLE, where an attack through the SSL protocol 3.0 was made possible. This vulnerability is hence also documented.

Low to high severity

Each CVE ID receives its own score, from 1 ("Low Severity") to 10 ("High Severity"). The calculation behind this number is based on the Common Vulnerability Scoring System (CVSS), which is a framework to define the impact based on the characteristics and properties of a certain vulnerability. The National Vulnerability Database (NVD) calculates the scores of practically all documented vulnerabilities.

Another known vulnerability is WannaCry, documented in multiple CVE IDs: CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, CVE-2017-0147 and CVE-2017-0148.

Detect the vulnerabilities

These CVE IDs are used in vulnerability scanners, such as Nessus, OpenVAS, QualysGuard, ... By performing these automated scans on IT systems, databases, networks and (web) applications, it is possible to detect such vulnerabilities. This way, as a system administrator, you are aware of the known vulnerabilities on your systems, which allows you to take appropriate action. However, the result of a vulnerability scan can be a complicated and complex report, which requires interpretation. Best practices prescribe that these scans are performed on a regular basis, as on a daily basis new vulnerabilities are discovered. In addition, it allows you to follow up on those vulnerabilities you have closed already - as they should not appear anymore in the next report. The latter is an important aspect: vulnerabilities require follow up and remediation action! One open vulnerability might become an open door for attackers, to gain access to your environment.

EASI ready to assist

EASI is ready to assist you in this. We are known with vulnerability scanning, the interpretation of such reports and remediation actions. Such vulnerability scanners are often used as part of a Systems Hardening Audit, which is our way of detecting weaknesses in your IT infrastructure. By tackling these weaknesses, you increase the level of security of your infrastructure.