Global Problems
- Ryan Seymour
What are Global Problems?
In short, these are the vulnerabilities that the ConnectSecure scan agent(s) have discovered. Vulnerabilities are automatically categorized into Problem Groups to help us understand and communicate what type of vulnerabilities we are discovering.
Global Problems - Table of Contents
- 1 Global Problems - Overview
- 2 Global Problem Group Name - Glossary of Terms
- 3 Global Problem Details - Overview
- 4 Global Problems - Details
- 4.1 Problem Name
- 4.2 Description
- 4.3 Assets
- 4.4 Severity
- 4.5 ConnectSecure Score
- 4.6 NVD Scores
- 4.7 Companies
- 4.8 Suppressed Records
- 4.9 Auto Suppressed
- 5 Global Problem View Switching - Global to Company
- 6 Global Problems - Action Toolbar Actions
- 7 Need Support?
Global Problems - Overview
This is your view of Problems across Assets for all your Companies.
Problems are the automatic groups discovered vulnerabilities will go into instead of just the traditional lists that include the CVE and severity. We are trying to make it easier to identify the type of vulnerabilities and group them for easier reporting and remediation.
The Problems screen automatically describes the Problem Group Names and counts for each Problem Group.
Global Problem Group Name - Glossary of Terms
The system automatically classifies discovered vulnerabilities into the specific Problem Group Names in the table below.
Problem Group Name | Description / Use Case |
|---|---|
0.90 > EPSS >= 0.85 | Vulnerabilities grouped by EPSS Scoring >=90/95% |
0.85 > EPSS >= 0.90 | Vulnerabilities grouped by EPSS Scoring >=85/90% |
0.95 > EPSS >= 0.90 | Vulnerabilities grouped by EPSS Scoring >=90/95% |
Antivirus Not Installed | Vulnerabilities grouped by category of AV not installed |
Backup Not Performed | Vulnerabilities grouped by category of Backup not performed |
CISA Notified Vulnerabilities | Vulnerabilities grouped by CISA classification; source CISA.GOV |
Critical Vulnerabilities | Vulnerabilities grouped by severity of Critical |
Database Vulnerabilities | Vulnerabilities grouped by category of Database |
EPSS >= 0.95 | Vulnerabilities grouped by EPSS Scoring >=95% |
Firewall Misconfiguration | Vulnerabilities grouped by category of firewall misconfig |
High Severity Vulnerabilities | Vulnerabilities grouped by severity of High |
Information Disclosure | Vulnerabilities grouped by category of information disclosure |
Informational | Vulnerabilities grouped by category of information only |
Low Severity Vulnerabilities | Vulnerabilities grouped by severity of Low |
Mail Vulnerabilities | Vulnerabilities grouped by category of mail |
Medium Severity Vulnerabilities | Vulnerabilities grouped by severity of Medium |
Operating System out of Support | Vulnerabilities grouped by category of OS out of support |
Remote Access Vulnerabilities | Vulnerabilities grouped by category of remote access |
Remote Login Vulnerabilities | Vulnerabilities grouped by category of remote login |
Running Services | Vulnerabilities grouped by category of running services |
SMB Vulnerabilities | Vulnerabilities grouped by category of SMB |
SSL Certificate Info | Vulnerabilities grouped by category of SSL |
SSL/TLS Vulnerabilities | Vulnerabilities grouped by category of SSL/TLS |
Web Server Fingerprint | Vulnerabilities grouped by category of web server fingerprint |
Global Problem Details - Overview
This screen gives detailed information about the Problems. It lets you quickly sort and filter the data based on the Problem Group, Affected Company, Affected Assets, Suppressed Records, and Auto Suppressed Records.
You will also find the Problem Name, Asset Count, Severity, Base Score, EPSS Score, Exploitability Score, Impact Score, Software Name, and Description.
Global Problems - Details
Problem Name
This includes the unique CVE-ID or description of the vulnerability.
Click on the CVE-ID or Problem Name value to be directed to the source.
Example from above: https://nvd.nist.gov/vuln/detail/CVE-2012-3807
Description
Includes the description of the vulnerability.
Assets
Displays the count of Assets affected by the vulnerability.
Click on the number count to see the asset's IP, Host Name, Importance, and Company Name.
Severity
Displays the Severity category for the selected vulnerability.
ConnectSecure Score
This is used for End-of-Life scoring, which will be displayed as a 10 since security updates are no longer provided to the EOL software.
Otherwise, the ConnectSecure Score will simply be the same as the NVD Base Score (for any non EOL)
NVD Scores
Displays scores based on the vulnerability, including Base, Impact, and Exploitability from the National Vulnerability Database (NVD).
Companies
Displays the number of companies affected by the vulnerability.
Click on the number count to see assets by Company and Count.
Click on the number count to see asset IP, Host Name, Importance, and Company Name.
Clicking the asset IP will take you to the Asset Details view.
Suppressed Records
Tap here to view any Approved, Open, or Closed-out problems marked for suppression.
NOTE: If you suppress a single CVE-ID, it will also suppress any related or superseded CVE-IDs that are related, and these will show up in the Suppressed Records area.
Auto Suppressed
These problems have been automatically suppressed based on your Suppress Vulnerabilities Days settings, which are available at both company and global levels.
Global Settings | Suppress Vulnerabilities Days
Company Settings | Suppress Vulnerabilities Days
Global Problem View Switching - Global to Company
We have simplified switching between Global Problems and Company Problems by changing the Company value in the top-right corner of the drop-down menu. Select any company, and the list will automatically update with filtered information.
Global Problems - Action Toolbar Actions
The action toolbar contains the Jobs, Alerts, Info, and Help Link options.
Need Support?
Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.
https://cybercns.freshdesk.com/en/support/login