Network examination reports provide additional references, where possible, for each vulnerability. These allow cross-referencing with other sources of information about the vulnerabilities discovered during our tests.
All reports are checked by one of our security team before they are sent out. If you find any serious inaccuracies in the report, or in the advisories referenced by the report, then please contact us at firstname.lastname@example.org .
CVE (Common Vulnerabilities and Exposures) is a dictionary of standardised names for vulnerabilities and other information security exposures, which has been adopted by a large number of organisations throughout the computer security industry. CVE Names are often quoted in security advisories.
The CVE name for each vulnerability is included as part of the information for each vulnerability in the report. In online reports generated by Netcraft, the CVE name is included in the “CVE name” column in the vulnerability table. In the “printable” reports, the CVE name is included in brackets after the vulnerability description. You can search reports for a particular CVE name using the text searching ability of your browser.
Please note that not all vulnerabilities that are tested during a Network Examination will have an exact match to a CVE name. Usually this is because either the CVE entry is too specific or Netcraft’s tests include vulnerabilities for which no CVE entry exists. If there is no matching CVE entry then no corresponding CVE name is given in the report.
Netcraft retrieves new copies of the base CVE databases every working day. The version of the CVE database used for any given report is indicated at the end of the report.
CVE and the CVE logo are registered trademarks of The MITRE Corporation.
CVSS (Common Vulnerability Scoring System) is a standard in vulnerability scoring, which provides severity ratings of software vulnerabilities. A CVSS FAQ can be found at https://www.first.org/cvss/v2/faq . Where a vulnerability has a CVE Name, we will also include the NIST NVD (National Vulnerability Database) CVSS 2.0 ‘base score’ as a severity rating out of 10 (0 is low, 10 is high) and a risk ranking of “Low”, “Medium” or “High”.