There are a lots of vulnerabilities discovered everyday and that is a major reason every software gives a patch/updates. Known software vulnerabilities are available to everyone on the Internet. If an attacker knows which components you use, he can retrieve these vulnerabilities and find a way to exploit them.
Impact on Security:
- Attack on Confidentiality
- Attack on Integrity
- Attack on Availability
Exploitability : Average
Impact : Moderate
Possible Mitigation:
- Identify all components and the version you are using including all dependencies.
- Monitor the security of these components in public database, project mailing lists, and security mailing lists, and keep them up to date.
- Where appropriate, consider adding security wrappers around components to disable unused functionality and/or secure weak or vulnerable aspects of the component.
No comments:
Post a Comment