IT BlogR

CVE Explained: Basics you should know

CVE-2019

The CVE or Common Vulnerabilities and Exposures, a platform aimed at sharing details about  Zero-day and disclosed vulnerabilities.

Webopedia also defines CVE as a dictionary-type list of standardized names for vulnerabilities and other information related to security exposures. CVE aims to standardize the names for all publicly known vulnerabilities and security exposures.

Useful tips about CVE:

In this article, we’ll explore the basics of CVE. But before that let’s quickly recap what vulnerabilities and exposures are.

Vulnerability

Vulnerability is a security flaw that may be exploited to perform cyber attacks. Criminals use a number of ways including SQL injection, cross-site scripting, and buffer overflows to look for vulnerabilities to exploit.

Many organizations invest in specialized teams that test for vulnerabilities and provide security patches. The causes of vulnerability include weak passwords, operating system flaws, unintentional development bugs, and unchecked user input, among others.

Exposure

Exposures are unintentional issues or errors that allow unauthorized access to a network or system.

Some of the massive data breaches are the result of exposures. A recent example of this is a record showing data breaches and cyber attacks in October 2019  alone, where 421 million records were breached.

These attacks usually come in form of Cyber attacks, Ransomeware, Data breaches, Financial information or PII data leaks,  malicious insiders and miscellaneous incidents

CVE: Weighing the benefits and risks

CVEs are publicly available and may be exploited by malicious actors to launch cyberattacks. However, the benefits overshadow this risk.

This article provides an elemental outline of CVE. For more details, you can refer to the official CVE website.

Exit mobile version