CVSS information update by analyzing vulnerability information

US 9,003,537 B2
Filed: 01/31/2013
Issued: 04/07/2015
Est. Priority Date: 01/31/2013
Status: Expired due to Fees

First Claim

Patent Images

1. An automated system for automatic update of a Common Vulnerability Scoring System (CVSS) score, the system comprising:

electronic circuitry for implementing vulnerability information analyzing functionality to analyze preexisting vulnerability information via;

recognizing a URL linking to a source of vulnerability advisory information related to the preexisting vulnerability information, andrecognizing a pattern of text corresponding to the preexisting vulnerability information of a vulnerability record,wherein the preexisting vulnerability information relates to at least one of a vulnerability or an attack vector, the vulnerability associated with a preexisting CVSS score, and the preexisting CVSS score being based at least partially on the preexisting vulnerability information;

electronic circuitry for implementing vulnerability information extraction functionality, responsive to the recognizing the pattern of text, to extract new vulnerability information via;

retrieving the URL, andscanning the source for a section related to the vulnerability advisory information that corresponds to the new vulnerability information,wherein the new vulnerability information relates to the at least one of the vulnerability or the attack vector; and

electronic circuitry for implementing CVSS score updating functionality to employ the new vulnerability information to update the preexisting CVSS score.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An automated system for automatic update of a Common Vulnerability Scoring System (CVSS) score, the system including vulnerability information analyzing functionality to analyze preexisting vulnerability information, the preexisting vulnerability information relating to at least one of at least one vulnerability and at least one attack vector thereof, the at least one vulnerability having a preexisting CVSS score, the preexisting CVSS score being based at least partially on the preexisting vulnerability information, vulnerability information extraction functionality, responsive to the analyzing preexisting vulnerability information, to extract new vulnerability information, the new vulnerability information relating to the at least one of the at least one vulnerability and the at least one attack vector thereof, and CVSS score updating functionality to employ the new vulnerability information to update the preexisting CVSS score.

24 Citations

View as Search Results

20 Claims

1. An automated system for automatic update of a Common Vulnerability Scoring System (CVSS) score, the system comprising:
- electronic circuitry for implementing vulnerability information analyzing functionality to analyze preexisting vulnerability information via;
  
  recognizing a URL linking to a source of vulnerability advisory information related to the preexisting vulnerability information, andrecognizing a pattern of text corresponding to the preexisting vulnerability information of a vulnerability record,wherein the preexisting vulnerability information relates to at least one of a vulnerability or an attack vector, the vulnerability associated with a preexisting CVSS score, and the preexisting CVSS score being based at least partially on the preexisting vulnerability information;
  
  electronic circuitry for implementing vulnerability information extraction functionality, responsive to the recognizing the pattern of text, to extract new vulnerability information via;
  
  retrieving the URL, andscanning the source for a section related to the vulnerability advisory information that corresponds to the new vulnerability information,wherein the new vulnerability information relates to the at least one of the vulnerability or the attack vector; and
  
  electronic circuitry for implementing CVSS score updating functionality to employ the new vulnerability information to update the preexisting CVSS score.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The automated system for automatic update of the CVSS score according to claim 1, wherein the system further comprises:
    - a vulnerability database comprising a collection of vulnerability records and a collection of CVSS score records, each of the vulnerability records comprising information pertaining to a particular vulnerability relevant to an enterprise, and each of the vulnerability records having a corresponding CVSS score record.
  - 3. The automated system for automatic update of the CVSS score according to claim 2, wherein the preexisting vulnerability information is stored in at least one of the database or a publicly available web page.
  - 4. The automated system for automatic update of the CVSS score according to claim 3, wherein the electronic circuitry for implementing vulnerability information analyzing functionality is to analyze the preexisting vulnerability information from the publicly available web page by employing at least one of:
    - parsing the text of the publicly available web page;
      
      matching elements of the text of the publicly available web page to a predefined textual pattern, wherein the predefined textual pattern is associated with the preexisting vulnerability information;
      
      orheuristic detection of the preexisting vulnerability information found in the text of the publicly available web page.
  - 5. The automated system for automatic update of the CVSS score according to claim 1, wherein the new vulnerability information is stored in a publicly available web page.
  - 6. The automated system for automatic update of the CVSS score according to claim 5, wherein the electronic circuitry for implementing vulnerability information extraction functionality is to extract the new vulnerability information from the publicly available web page by employing at least one of:
    - parsing the text of the publicly available web page;
      
      matching elements of the text of the publicly available web page to a predefined textual pattern, wherein the predefined textual pattern is associated with the new vulnerability information;
      
      orheuristic detection of the new vulnerability information is found in the text of the publicly available web page.

7. A computing device for automatic update of a Common Vulnerability Scoring System (CVSS) score, including a non-transitory, tangible computer-readable medium with computer program instructions stored thereon, the instructions, when executed by a processor, cause the processor to:
- recognize text corresponding to preexisting vulnerability information of a vulnerability record, andrecognize a source of vulnerability advisory information related to the preexisting vulnerability information,wherein the preexisting vulnerability information relates to at least one of a vulnerability or an attack vector, the vulnerability associated with a preexisting CVSS score, and the preexisting CVSS score being based at least partially on the preexisting vulnerability information;
  
  responsive to the recognized text corresponding to the preexisting vulnerability information, extract new vulnerability information from the source,wherein the new vulnerability information relates to the at least one of the vulnerability or the attack vector; and
  
  employ the new vulnerability information to update the preexisting CVSS score.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The computing device for automatic update of the CVSS score according to claim 7, wherein the preexisting vulnerability information is stored in a publicly available web page.
  - 9. The computing device for automatic update of the CVSS score according to claim 8, wherein while analyzing preexisting vulnerability information, the processor performs at least one of:
    - parsing the text of the publicly available web page;
      
      matching elements of the text of the publicly available web page to a predefined textual pattern, wherein the predefined textual pattern is associated with the preexisting vulnerability information;
      
      orheuristic detection of the preexisting vulnerability information found in the text of the publicly available web page.
  - 10. The computing device for automatic update of the CVSS score according to claim 7, wherein the new vulnerability information is stored in publicly available web page.
  - 11. The computing device for automatic update of CVSS score according to claim 10, wherein while extracting preexisting vulnerability information, the processor performs least one of:
    - parsing the text of the publicly available web page;
      
      matching elements of the text of the publicly available web page to a predefined textual pattern, wherein the predefined textual pattern is associated with the new vulnerability information;
      
      orheuristic detection of the new vulnerability information found in the text of the publicly available web page.

12. A method for automatic update of a Common Vulnerability Scoring System (CVSS) score, said method being implemented in a computing system comprising at least one physical processor, the method comprising:
- analyzing preexisting vulnerability information of a vulnerability record;
  
  analyzing a source of vulnerability advisory information related to said preexisting vulnerability information,wherein the preexisting vulnerability information relates to at least one of a vulnerability or an attack vectors, the vulnerability associated with a preexisting CVSS score, and the preexisting CVSS score including a temporal score based at least partially on the preexisting vulnerability information;
  
  responsive to the analyzing preexisting vulnerability information, extracting, from the source, new vulnerability information corresponding to a vulnerability property of a temporal score metric,wherein the new vulnerability information relates to the at least one of the vulnerability or the attack vector; and
  
  employing the new vulnerability information to update the temporal score of the preexisting CVSS score of a CVSS score record corresponding to the vulnerability record.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The method for automatic update of the CVSS score according to claim 12, wherein the preexisting vulnerability information and the new vulnerability information are each stored in a publicly available web page.
  - 14. The method for automatic update of the CVSS score according to claim 13, wherein the analyzing preexisting vulnerability information further comprises:
    - parsing the text of the publicly available web page.
  - 15. The method for automatic update of the CVSS score according to claim 13, wherein the extracting new vulnerability information further comprises:
    - parsing the text of the publicly available web page.
  - 16. A method for automatic update of the CVSS score according to claim 13, wherein the extracting new vulnerability information further comprises:
    - matching elements of the text of the publicly available web page to a predefined textual pattern, wherein the predefined textual pattern is associated with the new vulnerability information.
  - 17. A method for automatic update of the CVSS score according to claim 13, wherein the extracting new vulnerability information further comprises:
    - heuristically detecting the new vulnerability information in the text of the publicly available web page.
  - 18. A method for automatic update of the CVSS score according to claim 13, wherein the analyzing preexisting vulnerability information further comprises:
    - matching elements of the text of the publicly available web page to a predefined textual pattern, wherein the predefined textual pattern is associated with preexisting vulnerability information.
  - 19. A method for automatic update of the CVSS score according to claim 13, wherein the analyzing preexisting vulnerability information further comprises:
    - heuristically detecting the preexisting vulnerability information in the text of the publicly available web page.
  - 20. A method for automatic update of the CVSS score according to claim 12, further comprising:
    - calculating a new CVSS score based on the update to the temporal score, the new CVSS score calculated based on a base score, an environmental score, and the temporal score.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Micro Focus LLC (Open Text Corporation)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Raz, Barak, Feher, Ben
Primary Examiner(s)
Desrosiers, Evans

Application Number

US13/755,831
Publication Number

US 20140215629A1
Time in Patent Office

796 Days
Field of Search

713153-154, 713187-188, 713193-194, 726/1, 726/13, 726 22- 33, 709/206, 709/249, 709/389
US Class Current

726/25
CPC Class Codes

G06F 21/577 Assessing vulnerabilities a...

CVSS information update by analyzing vulnerability information

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

24 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

CVSS information update by analyzing vulnerability information

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links