CVSS Information Update by Analyzing Vulnerability Information
First Claim
1. An automated system for automatic update of a Common Vulnerability Scoring System (CVSS) score, said system comprising:
- vulnerability information analyzing functionality to analyze preexisting vulnerability information, said preexisting vulnerability information relating to at least one of at least one vulnerability and at least one attack vector thereof, said at least one vulnerability having a preexisting CVSS score, said preexisting CVSS score being based at least partially on said preexisting vulnerability information;
vulnerability information extraction functionality, responsive to said analyzing preexisting vulnerability information, to extract new vulnerability information, said new vulnerability information relating to said at least one of said at least one vulnerability and said at least one attack vector thereof; and
CVSS score updating functionality to employ said new vulnerability information to update said preexisting CVSS score.
8 Assignments
0 Petitions
Accused Products
Abstract
An automated system for automatic update of a Common Vulnerability Scoring System (CVSS) score, the system including vulnerability information analyzing functionality to analyze preexisting vulnerability information, the preexisting vulnerability information relating to at least one of at least one vulnerability and at least one attack vector thereof, the at least one vulnerability having a preexisting CVSS score, the preexisting CVSS score being based at least partially on the preexisting vulnerability information, vulnerability information extraction functionality, responsive to the analyzing preexisting vulnerability information, to extract new vulnerability information, the new vulnerability information relating to the at least one of the at least one vulnerability and the at least one attack vector thereof, and CVSS score updating functionality to employ the new vulnerability information to update the preexisting CVSS score.
-
Citations
15 Claims
-
1. An automated system for automatic update of a Common Vulnerability Scoring System (CVSS) score, said system comprising:
-
vulnerability information analyzing functionality to analyze preexisting vulnerability information, said preexisting vulnerability information relating to at least one of at least one vulnerability and at least one attack vector thereof, said at least one vulnerability having a preexisting CVSS score, said preexisting CVSS score being based at least partially on said preexisting vulnerability information; vulnerability information extraction functionality, responsive to said analyzing preexisting vulnerability information, to extract new vulnerability information, said new vulnerability information relating to said at least one of said at least one vulnerability and said at least one attack vector thereof; and CVSS score updating functionality to employ said new vulnerability information to update said preexisting CVSS score. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer product for automatic update of a Common Vulnerability Scoring System (CVSS) score, including a non-transitory, tangible computer-readable medium in which computer program instructions are stored, which instructions, when read by a computer, cause the computer:
-
to analyze preexisting vulnerability information, said preexisting vulnerability information relating to at least one of at least one vulnerability and at least one attack vectors thereof, said vulnerability having a preexisting CVSS score, said preexisting CVSS score being based at least partially on said preexisting vulnerability information; responsive to said analyzing preexisting vulnerability information, to extract new vulnerability information, said new vulnerability information relating to said at least one of said at least one vulnerability and said at least one attack vector thereof; and to employ said new vulnerability information to update said preexisting CVSS score. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A method for automatic update of a Common Vulnerability Scoring System (CVSS) score, said method comprising:
-
analyzing preexisting vulnerability information, said preexisting vulnerability information relating to at least one of at least one vulnerability and at least one attack vector thereof, said at least one vulnerability having a preexisting CVSS score, said preexisting CVSS score being based at least partially on said preexisting vulnerability information; responsive to said analyzing preexisting vulnerability information, extracting new vulnerability information, said new vulnerability information relating to said at least one of said at least one vulnerability and said at least one attack vector thereof; and employing said new vulnerability information to update said preexisting CVSS score. - View Dependent Claims (13, 14, 15)
-
Specification