Each month, SecureState releases the SecureState Vulnerability Alert, which provides an analysis of the most commonly identified vulnerabilities found during Assessments that SecureState performs on more than 350 clients. This release provides the security community with a description and threat of the most common and dangerous vulnerabilities that are occurring today, in addition to the CVSS base score, if applicable. The CVSS base score is the Common Vulnerability Scoring System, which was designed to provide a standard for rating software vulnerabilities. This scoring system is based on a range of 1-10.
SecureState will highlight one vulnerability each month, with an analysis on what the vulnerability means and what can be done to prevent it.
There are several reasons a Vulnerability Assessment would need to be performed. First, it is a good practice because it is important to see how your external presence looks. Second, there may be regulations that require Vulnerability Assessments on all of your systems. Third, the Payment Card Industry (PCI) requires quarterly scans on systems that handle credit card information. According to the Payment Card Industry Data Security Standard (PCI DSS), a vulnerability that causes a non-compliant report is any vulnerability that has a CVSS Base score of 4.0 and above. The table of vulnerabilities you see below is a list of the Top 5 Vulnerabilities SecureState saw that causes our clients to fail their PCI scan.
CVSS Base Score
|TCP Connections Established to Firewalled/Fil-tered Ports via HTTP Proxy ||Extreme ||The CONNECT method was allowed by an HTTP proxy server. These ports are normally inaccessible because TCP connection attempts normally fail. ||If this vulnerability is exploited, it can be used to bypass security rule sets on a firewall or filtering device. || |
|Web Server Predictable Session ID Vulnerability ||Medium ||Many websites incorporate user sessions. Each user connecting to a site is supposed to get a unique session ID. ||If this vulnerability is successfully exploited by guessing the session ID, an attacker can obtain cookie-based authentication credentials for legitimate users. || |
|Slow HTTP POST vulnerability ||Medium ||An attacker can hold server connections open by sending properly crafted HTTP POST headers that contain legitimate Content-Length header information to perform a DDoS attack. ||The web server will be completely inaccessible, but the services will still remain intact. || |