Every year, organizations face an endlessly multiplying series of potential security exposures. So how do you figure out which ones are most significant for you? Which ones to mitigate? Which ones are the most dangerous? The good news is you’re not alone in this cybersecurity battle of wits. There are publicly available tools, such as the CVE system. Plus, there are organizations that help other organizations prioritize potential vulnerabilities and exposures, so they can put their effort where it’ll do the most good.
But first, what is a CVE exactly? And what are some of the common vulnerabilities and exposures? Here’s our ultimate guide to CVEs, and how to use them.
What is a CVE?
CVE stands for ‘common vulnerabilities and exposures’. The CVE database is basically a catalog of known security flaws. It’s free to use and available to everyone. The system is maintained by a non-profit organization called the MITRE Corporation, with some funding being chipped in by the Cybersecurity and Infrastructure Security Agency (CISA) and the US Department of Homeland Security.
A CVE is a specific risk, vulnerability, or exposure within the CVE database.
The basic premise is to make common vulnerabilities and exposures publicly known, so that IT professionals and organizations can better guard against them. Each CVE (or potential vulnerability) is given a unique identifying number, so professionals around the world can quickly spot the risk and coordinate their response.
Is this the same thing as CVSS?
Not quite. CVSS stands for Common Vulnerability Scoring System. CVE identifies potential risks and vulnerabilities, and the CVSS system assesses those risks and assigns each one a numerical score. That score reflects the severity of the vulnerability.
In other words, CVE tells you what the risks are; CVSS tells you how dangerous they are. Both systems are incredibly useful for security professionals.
What’s in a CVE entry?
CVEs are usually quite brief. They don’t go into tons of technical data, and they won’t necessarily tell you how to solve the problem. What they do is help you identify what you’re dealing with. You can then look up common fixes or safeguards for a particular vulnerability. This makes it easier for security professionals to coordinate their response, especially since everyone is working off the same playbook.
CVE entries include:
- CVE Identifier (CVE ID) – A unique number for that particular vulnerability. They look like this: CVE-2021-12345
- Description – A brief description of the threat, and the potential impacts if exploited.
- References – A list of references to additional information about the vulnerability. This includes stuff like research papers, patches and mitigation tips.
- Affected products – A list of the software, hardware, and systems commonly affected by the vulnerability. Very handy.
- CVSS Score – A numerical score that reflects the severity of the risk.
How do I use the CVE system?
Simply visit the new CVE website, cve.org, and start searching. You can either search by CVE ID (if you know it already) or by keyword. When you find the CVEs relevant to your hardware or systems, you can look up available patches, updates, or mitigation strategies. And by using the CVSS score, you can quickly prioritize your CVEs in order – from most to least harmful. Neat, right? And it’s all free!
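Here is an added example (not from cve.org or MITRE) of the triage workflow just described: it validates the CVE-YYYY-NNNN identifier format, keyword-searches a handful of constructed entries carrying the fields listed above, maps each CVSS base score to its v3.x qualitative rating, and orders the hits from most to least harmful. The entries, product names and scores are made up for illustration.

```python
import re
from dataclasses import dataclass, field

# A CVE ID is "CVE-", a four-digit year, and a sequence of at least four digits (e.g. CVE-2021-12345).
CVE_ID_RE = re.compile(r"^CVE-(\d{4})-(\d{4,})$")


@dataclass
class CveEntry:
    """The fields the article lists for a CVE entry."""
    cve_id: str
    description: str
    affected_products: list
    cvss_score: float
    references: list = field(default_factory=list)


def is_valid_cve_id(cve_id: str) -> bool:
    """True if the identifier has the CVE-YYYY-NNNN (or longer sequence) form."""
    return CVE_ID_RE.match(cve_id) is not None


def severity(score: float) -> str:
    """CVSS v3.x qualitative rating for a base score (None/Low/Medium/High/Critical)."""
    if not 0.0 <= score <= 10.0:
        raise ValueError(f"CVSS base score out of range: {score}")
    if score == 0.0:
        return "None"
    if score < 4.0:
        return "Low"
    if score < 7.0:
        return "Medium"
    if score < 9.0:
        return "High"
    return "Critical"


def prioritize(entries, keyword):
    """Keyword search over description and affected products, then sort most to least harmful."""
    kw = keyword.lower()
    hits = [e for e in entries if is_valid_cve_id(e.cve_id)
            and (kw in e.description.lower() or any(kw in p.lower() for p in e.affected_products))]
    return sorted(hits, key=lambda e: e.cvss_score, reverse=True)


# Constructed sample entries (not real CVE records); the last one has a malformed ID and must be dropped.
SAMPLE_ENTRIES = [
    CveEntry("CVE-2021-12345", "Remote code execution in ExampleServer HTTP parser", ["ExampleServer 2.x"], 9.8),
    CveEntry("CVE-2021-0042", "Reflected XSS in ExampleServer admin console", ["ExampleServer 2.x"], 6.1),
    CveEntry("CVE-2020-99999", "Denial of service in OtherApp scheduler", ["OtherApp 1.0"], 7.5),
    CveEntry("CVE-21-1", "Malformed identifier that should be rejected", ["ExampleServer 2.x"], 5.0),
]

if __name__ == "__main__":
    for e in prioritize(SAMPLE_ENTRIES, "exampleserver"):
        print(f"{e.cve_id}  {e.cvss_score:>4}  {severity(e.cvss_score):<8}  {e.description}")
```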
What are some common vulnerabilities and exposures?
CVEs change over time as new vulnerabilities are discovered, or old ones get patched out of existence. So this list isn’t definitive by any means. It usually makes more sense to categorize CVEs into various types of threat. Here are a few common types of CVE vulnerabilities.
- Remote Code Execution (RCE) – Allows an attacker to execute code or commands on a target system from a remote location. In other words, take control of your network.
- Cross-Site Scripting (XSS) – These vulnerabilities usually occur in web apps. They allow attackers to inject malicious scripts into web pages. There are three main types: Stored (Persistent) XSS, Reflected (Non-Persistent) XSS, and DOM-based XSS.
- SQL Injection (SQLi) – By injecting malicious SQL queries, attackers can manipulate a web application’s database. Basically a backdoor to your private data.
- Authentication Bypass – A way for attackers to bypass authentication mechanisms, like passwords, to gain unauthorized access to systems or apps.
- Denial of Service (DoS) – A vulnerability whereby attackers can simply overwhelm a system or service, flooding it with bots or spam and crippling its ability to operate.