Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
13 views14 pages

Understanding The Vulnerability Knowledgebase

Uploaded by

farseena17july
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
13 views14 pages

Understanding The Vulnerability Knowledgebase

Uploaded by

farseena17july
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 14

Understanding the Vulnerability Knowledgebase

1
Understanding the
Knowledgebase is an important,
foundational subject which you
need to know before you master
other subjects.

Can you see how many


vulnerabilities are included in
total?

Click anywhere to continue.

2
The main list includes a summary
of each vulnerability, including CVE
and vendor references, the CVSS
base score, and the publication
date.

Now click on the Search button to


begin filtering this list.

Sep 5, 2023 1 of 14
Understanding the Vulnerability Knowledgebase

3
In the Search dialog box, click on
the scroll bar to scroll down.

4
You are now going to filter the
knowledgebase to only those
entries published in the previous
month.

Click on the drop down arrow next


to "Published".

Sep 5, 2023 2 of 14
Understanding the Vulnerability Knowledgebase

5
Click the drop down arrow to
select a time range.

6
Click Month

7
Click the Search button

Sep 5, 2023 3 of 14
Understanding the Vulnerability Knowledgebase

8
Notice how the number of
vulnerabilities that are displayed
has been reduced.

Click on the Search button again


to filter the list even further.

9
In the Search dialog box, click the
scroll bar to scroll down.

Sep 5, 2023 4 of 14
Understanding the Vulnerability Knowledgebase

10
Click the drop down arrow next
to Vendor

11
Type microsoft

12
Click the Search button.

Sep 5, 2023 5 of 14
Understanding the Vulnerability Knowledgebase

13
Notice how the total number of
vulnerabilities has again been
reduced.

Next, click on the Search button


again to filter the list even
further.

14
In the Search dialog box, click on
the checkbox next to "No Patch
Solution".

15
Click Search

Sep 5, 2023 6 of 14
Understanding the Vulnerability Knowledgebase

16
You have filtered the list to show
only Microsoft vulnerabilities
that have been published within
the last month, and which have
no patch solution available.

Click on the drop down arrow


next to the first vulnerability in
order to see more details.

17
Click Info

18
The General Information tab
shows you some important
details including the Severity
Level and Discovery Method.

To understand these more, refer


to this article, then click the
"Details" tab to continue.

Sep 5, 2023 7 of 14
Understanding the Vulnerability Knowledgebase

19
The details tab displays CVE and
vendor references, where
applicable.

Click on the Software tab to


continue.

20
In the Software tab, we can see
the vendor and product to which
this vulnerability refers.

Click the Solution tab to


continue.

21
Sometimes the Solution tab will
display patch details. There is no
relevant patch for this
vulnerability, but a recommended
action is given instead.

Click the Close button.

Sep 5, 2023 8 of 14
Understanding the Vulnerability Knowledgebase

22
Click the second vulnerability in
the list to continue.

23
Click the drop down arrow next
to the second vulnerability.

24
Click Info

Sep 5, 2023 9 of 14
Understanding the Vulnerability Knowledgebase

25
Why do you think the Severity
Level is 5 (Urgent) for this
vulnerability? Refer to this article
for more information. What is the
generic description for the
"Urgent" Severity Level?

Click the Software tab to


continue.

26
We can see again the vendor and
product to which this
vulnerability refers.

Click on the Threat tab to


continue.

27
The Threat tab provides more
details as to the nature of the
threat and the specific editions
of Windows which are affected.

This could then be used to help


guide our remediation strategy.

Click on the Impact tab to


continue.

Sep 5, 2023 10 of 14
Understanding the Vulnerability Knowledgebase

28
The Impact tab explains why the
Severity Level is the highest.

Click on the Close button to


continue.

29
Now click on the last
vulnerability in the list.

30
Click the drop down arrow.

Sep 5, 2023 11 of 14
Understanding the Vulnerability Knowledgebase

31
Click Info

32
We can see that this Q.I.D. is not
a vulnerability as such, but
"Information Gathered".

When included in the results of a


scan, it will show user account
control information.

Click Details to continue.

33
The Details tab, not surprisingly,
does not show CVE or vendor
references, as this is an
Information Gathered Q.I.D. and
not a discovered vulnerability.

Click on the Software tab to


continue.

Sep 5, 2023 12 of 14
Understanding the Vulnerability Knowledgebase

34
As before, the Software tab
shows us the vendor and
product.

Click on the Threat tab to


continue.

35
The Threat tab explains what
this Q.I.D. is about, which in this
case means describing what
information the Q.I.D. reveals.

Click the Close button to


continue.

36
In this lab you have learned how
to filter the KnowledgeBase and
learned more about the details
included for each vulnerability
entry.

That's it, you're done. You may


now close this browser tab.

Sep 5, 2023 13 of 14
Understanding the Vulnerability Knowledgebase

Scan to go to the interactive player

Sep 5, 2023 14 of 14

You might also like