1
00:00:10,200 --> 00:00:14,590
Let us continue with little assessment in the previous lectures.

2
00:00:14,880 --> 00:00:20,240
We saw what is meant by a vulnerability assessment and the phases of vulnerability assessment.

3
00:00:20,910 --> 00:00:26,830
But the main question is, how do security experts define the range of uncertainty?

4
00:00:27,120 --> 00:00:28,230
How do they retreat?

5
00:00:28,680 --> 00:00:32,160
And therefore they use the vulnerability scoring systems.

6
00:00:32,910 --> 00:00:34,770
Now, what are these scoring systems?

7
00:00:35,340 --> 00:00:40,800
There are three major types of vulnerabilities, scoring systems, which are, as you can see on the

8
00:00:40,800 --> 00:00:41,290
screen.

9
00:00:41,610 --> 00:00:46,610
The first is common vulnerabilities scoring system that is sevices.

10
00:00:47,490 --> 00:00:50,340
Second is common vulnerability and exposure.

11
00:00:50,340 --> 00:00:51,480
That is key.

12
00:00:51,990 --> 00:00:55,260
And the last one is national vulnerability database.

13
00:00:55,470 --> 00:00:59,730
And really all of this we're going to see in a couple of minutes.

14
00:01:00,150 --> 00:01:07,350
So without wasting any much time, I will directly take you to the website of Common Volatility's scoring

15
00:01:07,350 --> 00:01:10,350
system that is C.V SS.

16
00:01:13,730 --> 00:01:17,810
So right now on Google, just type common.

17
00:01:20,880 --> 00:01:28,080
Vulnerability scoring system, you can see this just click into now the forced website that is forced

18
00:01:28,320 --> 00:01:35,070
dot or you have to click there and the common vulnerability scoring system provides a way to capture

19
00:01:35,070 --> 00:01:36,630
the principal characteristics.

20
00:01:36,660 --> 00:01:37,690
Now, what does that mean?

21
00:01:38,790 --> 00:01:47,820
That means CVN Services provides an open framework for communicating the characteristics and impact

22
00:01:47,850 --> 00:01:54,810
of I.T. vulnerabilities, its quantitative model, and choose that repeatable and accurate measurement

23
00:01:55,050 --> 00:02:00,900
while enabling users to see underlying vulnerability characteristics that were used to generate the

24
00:02:00,900 --> 00:02:01,480
scores.

25
00:02:01,950 --> 00:02:03,480
So how to generate the scores?

26
00:02:03,610 --> 00:02:05,520
I will show you a quick demonstration.

27
00:02:05,790 --> 00:02:13,050
If you go to the calculator section here, you can see calculator and now you have to input the values

28
00:02:13,050 --> 00:02:20,670
in the base score tab and depending upon the base score tab, the final score gets calculator to see

29
00:02:20,670 --> 00:02:20,920
how.

30
00:02:21,240 --> 00:02:28,050
Now suppose you find out of an error in a website and according to that you have to give the Choose

31
00:02:28,050 --> 00:02:29,500
the Values calculator.

32
00:02:29,760 --> 00:02:31,220
So how did you attack the network?

33
00:02:31,230 --> 00:02:35,250
Using network, using actors and apps using physical or local?

34
00:02:35,280 --> 00:02:38,690
Now, since it was a website, I will choose a network.

35
00:02:38,760 --> 00:02:39,920
It was built on network.

36
00:02:39,920 --> 00:02:42,420
OK, now scope of the negative.

37
00:02:42,440 --> 00:02:43,350
What was the school?

38
00:02:43,350 --> 00:02:45,700
Whether it was what does a scope define.

39
00:02:46,020 --> 00:02:50,610
So does a successful attack impact a component other than the one level component?

40
00:02:51,000 --> 00:02:52,920
If so, the base code increases.

41
00:02:53,360 --> 00:02:56,960
So now what was the scope, the scope change after the attack or.

42
00:02:56,970 --> 00:02:57,530
No, no.

43
00:02:57,540 --> 00:03:03,840
It remained unchanged, so unchanged at that complexity was low or high and there is no medium option.

44
00:03:04,140 --> 00:03:11,250
So to just register the score, please select low confidentiality if it revealed any database or any

45
00:03:11,250 --> 00:03:12,230
admin passwords.

46
00:03:12,780 --> 00:03:20,430
Well, let's for for our example, let's click on the database was revealed integrity.

47
00:03:20,880 --> 00:03:27,810
It was high and availability was low because, you know, it is not a vulnerability which actually made

48
00:03:27,810 --> 00:03:33,840
an effect on the availability, not privileges required law, because we found not the admin password.

49
00:03:33,840 --> 00:03:39,900
So we didn't actually require to attack the admin account and user interaction was required.

50
00:03:40,410 --> 00:03:41,400
Yes, it was required.

51
00:03:41,730 --> 00:03:47,330
So you can see after clicking Disvalue, the automatically the score of the calculator.

52
00:03:47,790 --> 00:03:51,180
Now the base code is seven point six.

53
00:03:51,600 --> 00:03:57,780
And now if not, let's say you find find this vulnerability and then submit it to some organization

54
00:03:58,020 --> 00:04:00,150
and it easily accepted Norm.

55
00:04:00,220 --> 00:04:01,680
You have to provide other measures.

56
00:04:01,680 --> 00:04:06,720
You have to provide a proof of concept and then they will actually analyze and then they'll provide

57
00:04:06,720 --> 00:04:07,230
the score.

58
00:04:07,590 --> 00:04:11,130
If you scroll down, exploit code maturity.

59
00:04:11,250 --> 00:04:17,610
Now, whether it is unproven, proof of concept, functional or high iSelect proof of concept, so it

60
00:04:17,820 --> 00:04:24,010
clue, then the report confirms now how you are reporting this vulnerability.

61
00:04:24,360 --> 00:04:30,300
Now, if you are a security expert and you tell that probably, yes, I have got the database fully

62
00:04:30,300 --> 00:04:36,480
confirmed and let's say you got a name and password and then you try accessing the website using those

63
00:04:36,480 --> 00:04:44,820
passwords and more successful, which means the confidence is confirmed, then modified attack vector,

64
00:04:44,820 --> 00:04:46,320
multiple attack complexity.

65
00:04:46,680 --> 00:04:50,990
These are the values you have to fill and then you will get the final scores.

66
00:04:51,000 --> 00:04:56,400
For example, confidentiality requirement was medium integrity of medium and availability.

67
00:04:56,640 --> 00:05:04,140
Let's say confidentiality was high and presto, things are medium now modified attack vector network

68
00:05:04,150 --> 00:05:06,120
at local level it was network.

69
00:05:06,630 --> 00:05:13,770
Then multiple attack complexity was high, then modified privileges required were law modified user

70
00:05:13,770 --> 00:05:15,060
interaction none.

71
00:05:16,290 --> 00:05:24,810
Then modify the scope, Ms unchanged, modify the confidentiality, none, so it became medium or let's

72
00:05:24,810 --> 00:05:30,390
say high, and it changes to a high modifier integrity, high quality high.

73
00:05:30,810 --> 00:05:33,180
So this is the final score.

74
00:05:33,190 --> 00:05:37,650
So base score is seven point six and seven point two.

75
00:05:37,650 --> 00:05:40,950
And this is the final attack string.

76
00:05:40,950 --> 00:05:44,580
So you can see a hell of a liberty confidential.

77
00:05:44,610 --> 00:05:45,870
These are high, low values.

78
00:05:45,870 --> 00:05:52,320
So this vector string you have to submit to the organization and then they will decide and give credit

79
00:05:52,410 --> 00:05:53,520
to your vulnerability.

80
00:05:54,000 --> 00:05:57,930
So this is how a common vulnerability score system works.

81
00:05:57,940 --> 00:06:03,390
You have to provide the input and it will give you the output in the form of the score.

82
00:06:07,040 --> 00:06:13,820
The next scoring system is common vulnerability and exposure to start with common vulnerability and

83
00:06:13,820 --> 00:06:14,250
exposure.

84
00:06:14,270 --> 00:06:14,690
This team.

85
00:06:15,780 --> 00:06:18,240
So as you can see on the Google just type.

86
00:06:19,180 --> 00:06:29,530
Seifi and hit Enter it is a website of Mitre organization, so just click the first website.

87
00:06:33,340 --> 00:06:41,980
Now, yes, you can see the latest TV news become a numbering authority and let us see sort the civilised.

88
00:06:44,550 --> 00:06:56,930
Here we can see if I just click on S.V. of Askew Injection, let us see what I can get here.

89
00:06:59,100 --> 00:07:06,750
Oh, yes, so as conviction has these are these are the sleeves, so you can see the force stands for

90
00:07:07,140 --> 00:07:16,320
the year and this number stands that if the next number stands for the number total number of vulnerabilities

91
00:07:16,320 --> 00:07:17,540
reported in that year.

92
00:07:17,550 --> 00:07:22,190
So you can see in 2020, around nine thousand one, they have already reported.

93
00:07:22,530 --> 00:07:26,940
And if you click anywhere on the vulnerability, you can see the vulnerability number.

94
00:07:26,970 --> 00:07:32,070
See, this is the number we learn more about national voluntary database.

95
00:07:32,070 --> 00:07:33,660
We'll see it in a couple of minutes.

96
00:07:34,110 --> 00:07:42,000
Then assigning CNN, who has assigned this CV to the person, then description and proposed.

97
00:07:42,030 --> 00:07:49,320
Now it is in this case, no one has shared the name they have kept it confidential for, I don't know,

98
00:07:49,320 --> 00:07:50,700
for public purposes or what.

99
00:07:51,000 --> 00:07:57,330
So this is how CV works, particularly if you look at national vulnerability database.

100
00:07:58,170 --> 00:07:59,130
We can see that.

101
00:07:59,550 --> 00:08:00,180
Yes.

102
00:08:00,360 --> 00:08:04,070
So see the explosion, see any Biscoe?

103
00:08:04,080 --> 00:08:05,610
It's critical vulnerability.

104
00:08:05,640 --> 00:08:11,660
You can see these are the possible vectors that impact expertise.

105
00:08:11,670 --> 00:08:17,730
Kuris three point nine attack victories, network attack complexities, law prevents requirements and

106
00:08:17,730 --> 00:08:22,540
no privileges are required to modify this vulnerability, which is a very critical thing.

107
00:08:23,640 --> 00:08:26,190
So weaknesses, changes to, etc..

108
00:08:26,340 --> 00:08:27,990
So this was all for this lecture.

109
00:08:27,990 --> 00:08:34,110
From the next lecture onwards, we will start with automating one liberty assessment using the necessary

110
00:08:34,110 --> 00:08:34,440
tool.