Red Hat Security Blog: September 2012 archives

  • How Red Hat rates JBoss security flaws

    Rating and CVSS v2: It's important to know how severe a security flaw is, so you can plan your response accordingly. Does the latest flaw have a high impact and need to be patched today, or can it wait until your planned upgrade next month? To communicate the risk of each JBoss security flaw, Red Hat uses a four-point severity scale of low, moderate, important and critical, in addition to Common Vulnerability Scoring System (CVSS) version 2 base scores. Most of the time the CVSS v2 base scores...
    Posted September 19 2012 at 2:00 PM
  • CWE Vulnerability Assessment Report

    Common Weakness Enumeration (CWE) is a dictionary or formal list of common software weaknesses. It is a common language or taxonomy for describing vulnerabilities and weaknesses; a standard measurement for software assurance tools and services' capabilities; and a base for software vulnerability and weakness identification, mitigation, and prevention. Weakness IDs are assigned to vulnerabilities in Red Hat products in chains. A chain is a sequence of two or more weaknesses that are closely...
    Posted September 5 2012 at 1:00 PM