Filtering by Vulnerability and CVE ID
Has your organization been impacted by the latest security vulnerabilities? Nexpose now makes it even easier for you to answer this question. Enhanced asset and vulnerability filtering features come with Nexpose 5.10.15. It is now easier for you to search your assets by using a new CVE ID option as a filter criterion. You can also narrow down your list of vulnerabilities depending on which vulnerability category you wish to view or what CVE ID they have been assigned. This is a valuable enhancement to the Nexpose filtering capabilities which we can illustrate with the recently published POODLE vulnerability.
Poodle stands for the Padding Oracle On Downgraded Legacy Encryption and affects the SSL encryption technology. The POODLE vulnerability impacts SSL 3.0 and given the right conditions would allow an attacker to gain access to information that would let them take over your account. Nexpose has been updated with checks for POODLE which was assigned the CVE ID of CVE-2014-3566.
The enhanced filtering criterion feature will allow you to quickly identify any assets on your network which may be affected by the POODLE vulnerability as well as any other CVE graded vulnerability you may have concerns about.
Applying the CVE Filter to search for POODLE Vulnerability
Filtering for Vulnerabilities by CVE ID enables you to refine your search for vulnerabilities by their given CVE ID.
1. To apply a CVE ID filter, click Apply Filter on the Vulnerabilities page to expand the filter panel.
2. Once expanded, you will see the new filtering option of CVE ID.
3. Select the 'is' operator and enter the POODLE CVE ID (CVE-2014-3566).
In addition to the CVE ID filter, we have released two more filters with 5.10.15, Assets by Vulnerability and Vulnerabilities by Vulnerability Category.