Vulnerability classes, CVSS prioritization, and research databases
Foundations risk engagement: classified OS privilege escalation and cookie-auth bypass as Operating System and Application Logic flaws; briefed CVSS qualitative bands and the role of CVE/NVD/Exploit-DB in engagement research.
- Case files
- Vulnerability classes, CVSS prioritization, and research databases
Defined vulnerability categories, scored risk with CVSS bands, and framed research workflow for an ACKme-style engagement.
Documented category answers and CVSS rating scale for the risk register.
Engagement summary
Defined vulnerability categories, scored risk with CVSS bands, and framed research workflow for an ACKme-style engagement.
VULNERABILITIES 101 aligned the client’s language with NIST-style weakness definitions. Five practical categories: Operating System (user→administrator privilege escalation), Misconfiguration, Weak/Default Credentials, Application Logic (cookie-based auth bypass), and Human-Factor (phishing). Scoring: CVSSv3.1 qualitative bands None/Low/Medium/High/Critical (9.0–10.0 Critical) — useful for severity, imperfect for prioritization because exploit availability and environmental context matter. Research stack for engagements: CVE identifiers, NVD detail, Exploit-DB/GitHub PoCs under authorization only. Operator briefing stresses that only a small fraction of published vulns are ever exploited in the wild — patch priority must combine CVSS with asset criticality and threat intel, not score alone.
Business impact
Treating every Medium as equal burns remediation capacity. Mis-classifying logic bugs as “just config” delays the right owner. Without CVE/NVD discipline, teams chase blog PoCs that do not match the installed version.
Class examples and CVSS bands
Documented category answers and CVSS rating scale for the risk register.
ANALYST · RISK
savvy@lab:~$ # user → administrator privilege upgrade
class: Operating System
savvy@lab:~$ # login bypass via forged cookies
class: Application Logic
savvy@lab:~$ # CVSSv3.1 Critical band
9.0 – 10.0
CVSS BANDS
cvss-bands.txt
None 0
Low 0.1 – 3.9
Medium 4.0 – 6.9
High 7.0 – 8.9
Critical 9.0 – 10.0
Research: CVE → NVD → authorized PoC sourcesRemediation
Build a vulnerability management loop: discover → score (CVSS + business context) → patch/compensate → verify. Prefer VPR/threat-informed ranking alongside CVSS. Keep a curated allowlist of research sources for the SOC and red team.