Vulnerabilities Tab

Navigation:  User Interface >

Vulnerabilities Tab

Previous pageReturn to chapter overviewNext page

The vulnerabilities tab presents a table of the known vulnerabilities currently affecting the operating system. The total number of vulnerabilities is displayed on the tab out, while each row represents a single vulnerability. Critical vulnerabilities have a background color of yellow, orange or red based on severity.

 

The vulnerabilities table may be sorted by clicking on the links in the header row to sort by: CVE ID, severity rating, vulnerability attack vector, or fix availability. The vulnerabilities table includes the following columns:

 

checkbox (Imunify QuickPatch+ version): this column includes a checkbox for selecting each fixable vulnerability. The checkbox in the header row selects or deselects all vulnerabilities.

CVE ID: the vulnerability CVE (Common Vulnerabilities and Exposures) identifier. This is also a link to the operating system vendor’s security information for this particular vulnerability. Further information on CVEs can be found at the MITRE and NVD websites.

Severity: the vulnerability severity rating as assigned by Imunify QuickPatch. Please see the section on Evaluating Vulnerability Impact below for an overview of these ratings.

Description: the vulnerability description as published by the National Vulnerability Database, or, where this is unavailable, by the operating system vendor

Vector: the attack vector for the vulnerability;

oNetwork: remotely exploitable over the network

oAdjacent: exploitable over the same physical or logical (e.g., local IP subnet) network

oLocal: exploit requires local read/write/execute capabilities

oPhysical: exploit requires physical access to the system

Packages: a list of vulnerable packages. Full package version and release information is displayed in a tooltip.

Fix Available:

oYes: the operating system vendor has released package update(s) which fix the vulnerability

oPartial: the operating system vendor has release package update(s) which fix some, but not all, of the listed packages

oNo: fixes for the vulnerable package(s) have not been released

o(Imunify QuickPatch+ version): this column may also include one of these clickable icons:

       plx_icon_wand fix this vulnerability now

       plx_icon_info show information about fixing this vulnerability, e.g., fixing this vulnerability requires an update to one or more kernel packages. The extension does not install                updates to kernel packages as these typically require a reboot and should be performed in conjunction with an overall system update. Please see the section on                Manual System Updates below.