CVE Data Is Often Misinterpreted: Here’s What to Look For

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

Most people only ever give common vulnerabilities and exposures (CVEs) a passing glance. They might look at the common vulnerability scoring system (CVSS) score, determine whether the list of affected products is a concern for them, and move on.

That’s not surprising when there’s more to sift through than ever. Considering there have been more than 14,000 CVEs and counting published in 2021, it isn’t practical to try and investigate them all. We are on pace to see nearly 40% more CVEs in 2021 than last year.

When you do see a CVE that might apply to you, how can you tell? What should you be looking at to determine if it’s worth your time?

Unfortunately, you can’t just read the title of a CVE and know whether it’s safe to ignore. Within CVE data, there are actionable details that can help address your security concerns, including auxiliary data points, like common platform enumeration (CPE) specifics. It requires a

Read the article