A vulnerability is an important weakness to identify, as it can allow an attacker to reduce the information security of a system. Vulnerabilities are used to determine the security of your system.
Alert Logic lists all of the scan content that Alert Logic scanners can check for in the Vulnerability Library, under Investigate in the Alert Logic console. You can easily search for and view information on a specified vulnerability that Alert Logic scanned for, and see whether it impacts assets in your environment.
Vulnerability Library Contents
The Vulnerability Library is organized by exposure ID (EID), common vulnerabilities and exposures (CVE) number, name of the vulnerability, severity ranking, Common Vulnerability Scoring System (CVSS) score, PCI compliance audit result, last modified date, and product.
Alert Logic assigns
|Severity rating||CVSS v2 score range||CVSS v3 score range|
|Critical||Not applicable||9.0 - 10.0|
|High||7.0 - 10.0||7.0 - 8.9|
|Medium||4.0 - 6.9||4.0 - 6.9|
|Low||0.1 - 3.9||0.1 - 3.9|
Some vulnerabilities in the National Vulnerability Database have both CVSS v2 and CVSS v3 scores. Alert Logic displays the newer CVSS v3 score and severity rating in prominent locations and both scores in detail views. If only one CVSS score exists, Alert Logic uses that score and severity rating.
Sort through library
The Vulnerability Library, by default, is listed by the last modified date by descending order. The most recently added or updated content is displayed on top, which allows you to quickly check if coverage exists for any new emerging threats. You can sort the list by EID, name, or last modified date. Click the arrow icon () next to the column label to sort the list by descending or ascending order from that column.
You can perform searches to find a vulnerability in the library. In the search bar on the top right of the page, you can search for all or part of the name of the vulnerability, a specific CVE, an operating system or an application, an EID, or any partial string of text that is part of the vulnerability text.
View Vulnerability Details
To access a vulnerability detail page, click the entry in the table. The top part of the page provides the following information:
- Vulnerability name
- CVE ID
- PCI result
- PCI audit pass/fail reason
- CVSS score and severity
If a vulnerability has both a CVSS v2 and CVSS v3 score, the detail page lists both scores and their severity ratings.
The bottom portion of the page provides the following information:
- Description—Provides information about the vulnerability which can include the affected application or operating system, what the vulnerability is, or what an attacker is allowed to do.
- CWE—Common Weakness Enumeration ID. For more information about CWE software and hardware weakness types, look up the ID on the CWE website.
- Impact—Provides information on the potential impact of the vulnerability, which can include whether an application or operating system is prone to the vulnerability and why, and what the vulnerability allows an attacker to do.
- Solution—Provides a way to eliminate the vulnerability, if any, such as patching, upgrading, or contacting the vendor for more information.
- Detected on—Provides a list of operating systems and applications where the vulnerability can be detected. The list includes the Common Platform Enumeration (CPE) names of the products checked. The data is not customer-specific or filtered for your environment.
- References—Provides links to sources with more information about the vulnerability.