Vulnerability Management: How are Vulnerabilities detected and scored?
search cancel

Vulnerability Management: How are Vulnerabilities detected and scored?

book

Article ID: 285041

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

How are Vulnerabilities detected and scored? 

Environment

  • Carbon Black Cloud Console

Resolution

OSQuery results are used is used compared to CVE information from National Vulnerability Database (NVD) to find issues

Additional Information

The Risk Score is calculated using the gathered results, please refer to Risk Evaluation for more information on this. If the information for the vulnerability from the NVD show it is fixed in a specific version the Vulnerability will show even if a fix is applied through other means. Only the noted resolutions from those Sources will resolve the Vulnerability.