Common Vulnerabilities and Exposures, also known as CVEs is a database of publicly disclosed information security issues. Within Phishing Tackle, you can view a list of known security issues from various sources and create custom searches to stay informed on the latest threats.
How to access CVEs
- Under INFORMATION SECURITY in the left-hand column click "CVEs".
Common Vulnerabilities and Exposures Homepage
- Official MITRE CVE Site
- This is a link to an external knowledge base of adversary tactics and techniques based on real-world observations.
- Add New Search Term
- You can create a search term to quickly find new vulnerabilities and exposures for the products that your organisation uses. The section below will explain how to create a search term.
- CVEs Search Terms
- Select a search term to filter your vulnerabilities and exposure list.
- Search CVEs
- You can use the use the search bar to look for specific vulnerabilities and exposures.
- Vulnerability ID
- Each CVE is assigned an ID. If you click on the ID, you will be taken to an external page that will provide you with more information about the specific CVE.
- CVE entries can change over time as new information becomes available. The "Modified" field will display the last time the CVE was updated.
- Each CVE entry will contain a brief description of the issue. The description will often provide you with information about the impact of the vulnerability and who will be affected.
- The CVE "Source" is the website that provided information about the CVE.
- CVSS Severity
- The CVSS severity is a number on a scale of 0-10 that is used to measure the impact of vulnerabilities.
How to create a search term for CVEs
- Click "ADD NEW SEARCH TERM".
- Enter a term that you would like to be notified about. If you use a lot of Cisco products within your organisation, you can create the search term "Cisco".
- Click "Save".
- Select your new search team to filter your CVEs list.