The vulnerabilities tab presents a table of the known vulnerabilities currently affecting the operating system. The total number of vulnerabilities is displayed on the tab out, while each row represents a single vulnerability. Critical vulnerabilities have a background color of yellow, orange or red based on severity.
The vulnerabilities table may be sorted by clicking on the links in the header row to sort by: CVE ID, severity rating, vulnerability attack vector, or fix availability. The vulnerabilities table includes the following columns:
•checkbox (Imunify QuickPatch+ version): this column includes a checkbox for selecting each fixable vulnerability. The checkbox in the header row selects or deselects all vulnerabilities.
•CVE ID: the vulnerability CVE (Common Vulnerabilities and Exposures) identifier. This is also a link to the operating system vendor’s security information for this particular vulnerability. Further information on CVEs can be found at the MITRE and NVD websites.
•Severity: the vulnerability severity rating as assigned by Imunify QuickPatch. Please see the section on Evaluating Vulnerability Impact below for an overview of these ratings.
•Description: the vulnerability description as published by the National Vulnerability Database, or, where this is unavailable, by the operating system vendor
•Vector: the attack vector for the vulnerability;
oNetwork: remotely exploitable over the network
oAdjacent: exploitable over the same physical or logical (e.g., local IP subnet) network
oLocal: exploit requires local read/write/execute capabilities
oPhysical: exploit requires physical access to the system
•Packages: a list of vulnerable packages. Full package version and release information is displayed in a tooltip.
oYes: the operating system vendor has released package update(s) which fix the vulnerability
oPartial: the operating system vendor has release package update(s) which fix some, but not all, of the listed packages
oNo: fixes for the vulnerable package(s) have not been released
o(Imunify QuickPatch+ version): this column may also include one of these clickable icons:
fix this vulnerability now
show information about fixing this vulnerability, e.g., fixing this vulnerability requires an update to one or more kernel packages. The extension does not install updates to kernel packages as these typically require a reboot and should be performed in conjunction with an overall system update. Please see the section on Manual System Updates below.