In: Computer Science
Write a brief description of a vulnerability found in the scan,
including the operating system on which it was found, its risk
factor, and its CVSS scores.
Answer:------
One vulnerability that CentOS 6/7 Firefox (CESA-20107) the risk
factor was high, CVSS base Score is 9.3, the CVSS Temporal Score is
at 6.9, CVSS Vector.CVSS2#AV: N/AC: Au: N/C:C/I:C/A:C, and the CVSS
Temporal Vector is CVSS2#E: U/RL: OF/RC: C. This vulnerability lets
you know that for Red Hat Enterprise Linux 6 and Red Hat Enterprise
7, there is an available update because multiple flaws were found
in the processing of malformed web content. The update will fix
issues such as preventing Firefox from crashing due to web pages
containing malicious content for the host.
What types of vulnerabilities might an attacker without any
credentials be able to identify and exploit?
Answer:------
Many of the vulnerabilities have the same patterns. sometimes
computers in the same net-work would be a good way to find
vulnerability. you can test each computer and with that you
can.
This was a simple three computer LAN. How much more complicated
would this process be for 100 computers? What about an enterprise
with 10,000 computers on their LAN/WAN?
Answer:------
There are many different types of computer networks and each one
can be different. De-pending on the are it can shows different
types of vulnerability. depends on the types of networks they
used.
Consider a cloud-hosted Infrastructure as a Service (IaaS)
environment with many new, internet-accessible systems regularly
being built and brought online. What advantages or challenges might
there be with regard to vulnerability management in the
cloud?
Answer:------
Being in a club if a good thing but it can also be vulnerable. The
cloud can be access from a lot of places and you do not know what
got into it. This would be sometimes a disadvantages of a cloud.
You need a lot of security.