Collaborate Disseminate
There is a website that allows searching for content (without need for authentication). It uses GET parameter named "query" to search and it is vulnerable to reflected XSS. What is CVSS 3.0 score in the following scenarios?:
Vul… Continue reading CVSS 3.0 score for reflected XSS vulnerability in GET parameter [closed]
A website is given to pentester. It is observed that the website has a login page at https://example.com/admin. In this login page it is also possible to enumerate from error messages that the user "admin" actually exists. The pe… Continue reading CVSS Score for brute force attack [closed]
Looking at all the recent Linux kernel crash CVEs I see that the "Scope Changed" metric is always "Unchanged" indicating that "The vulnerable component is the affected component".
My question is, why wouldn’t … Continue reading Why is the "Scope Changed" CVSS Metric for Kernel Crash Vectors always "Unchanged"? [closed]
Looking at all the recent Linux kernel crash CVEs I see that the "Scope Changed" metric is always "Unchanged" indicating that "The vulnerable component is the affected component".
My question is, why wouldn’t … Continue reading Why is the "Scope Changed" CVSS Metric for Kernel Crash Vectors always "Unchanged"? [closed]
I have a set of features from an alert, including start-time, end-time, duration, protocol, srcip, srcport, dstip, dstport, iflags, uflags, riflags, ruflags, pkt, rpkt, oct, roct, app, entropy, rentropy, category_1, and category_2. I want … Continue reading How to calculate CVSS score from alert features? [closed]
The University of Erlangen-Nuremberg (Germany) is conducting a research study to investigate the consistency of CVSSv4 (Common Vulnerability Scoring System). If you are currently assessing vulnerabilities using CVSS, we would greatly appre… Continue reading How consistent are CVSSv4 scores? [closed]
The University of Erlangen-Nuremberg (Germany) is conducting a research study to investigate the consistency of CVSSv4 (Common Vulnerability Scoring System). If you are currently assessing vulnerabilities using CVSS, we would greatly appre… Continue reading How consistent are CVSSv4 scores? [closed]
While I was doing source code review of API handlers for REST APIs, I found a security issue.
This issue is that some methods have the annotation @PreAuthorize("permitAll()").
If I want to document this as a finding and give it a… Continue reading How to calculate CVSS score of a finding detected in the source code?
I am trying to calculate a CVSS score for a vulnerability. In my case, to exploit the vulnerability you should have network access to the server, which is sitting behind a firewall. This server is serving an application that only computers… Continue reading CVSS attack vector adjacent vs network
The newest version of the vulnerability scoring system CVSS 4.0 is here! After a lengthy gap between version 3 (released in 2015), as of November 2023 version 4.0 is officially live. Building iteratively on version 3 there are a few differences that in… Continue reading Does CVSS 4.0 solve the exploitability problem?