Overview of Common Weakness Enumeration scoring system
The Common Weakness Scoring System (CWSS) lays out a mechanism for prioritizing software weaknesses in a uniform, flexible, and transparent way. It provides a collaborative platform for meeting the needs of stakeholders in government, academia, and industry. Scores are normally calculated automatically by a code analysis tool, although a developer can also calculate them manually. Automated analysis often lacks information, such as the operating environment of the application, so CWSS scoring is conducted in several rounds: a tool first calculates the CWSS scores automatically, the missing details are then added manually, and a human analyst recalculates the scores.
CWSS has three metric groups: Base Finding, Attack Surface, and Environmental. Each group has several factors that are combined to calculate a CWSS score for each weakness. The Base Finding metrics capture the inherent risk of the weakness, the confidence in the accuracy of the finding, and the strength of the controls. The Attack Surface metrics capture the barriers an attacker must overcome to exploit the weakness. The Environmental metrics capture the characteristics of the weakness that are specific to a particular operational environment.
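As an added example (not from the original page or from MITRE's documentation), the following Python implements the CWSS v1.0.1 subscore formulas and scores one constructed finding twice: once with the factors a tool cannot determine left at CWSS's Unknown value, then again after an analyst has supplied them. The factor values assigned are constructed sample values, not the real weights for any particular weakness.

```python
# CWSS gives every factor an "Unknown" value of 0.5, so an automated first
# round can score a finding before an analyst fills in what the tool lacks.
UNKNOWN = 0.5


def f(impact):
    """The spec's f(): a zero impact zeroes the whole subscore."""
    return 0.0 if impact == 0 else 1.0


def base_finding(TI, AP, AL, IC, FC):
    """Base Finding subscore (0-100): Technical Impact, Acquired Privilege,
    Acquired Privilege Layer, Internal Control Effectiveness, Finding Confidence."""
    return (10 * TI + 5 * (AP + AL) + 5 * FC) * f(TI) * IC * 4.0


def attack_surface(RP, RL, AV, AS, IN, SC):
    """Attack Surface subscore (0-1): Required Privilege, Required Privilege
    Layer, Access Vector, Authentication Strength, Level of Interaction,
    Deployment Scope."""
    return (20 * (RP + RL + AV) + 20 * SC + 15 * IN + 5 * AS) / 100.0


def environmental(BI, DI, EX, EC, P):
    """Environmental subscore (0-1): Business Impact, Likelihood of Discovery,
    Likelihood of Exploit, External Control Effectiveness, Prevalence."""
    return (10 * BI + 3 * DI + 4 * EX + 3 * P) * f(BI) * EC / 20.0


def cwss_score(fac):
    """Overall CWSS score (0-100): the product of the three subscores."""
    b = base_finding(fac["TI"], fac["AP"], fac["AL"], fac["IC"], fac["FC"])
    a = attack_surface(fac["RP"], fac["RL"], fac["AV"], fac["AS"], fac["IN"], fac["SC"])
    e = environmental(fac["BI"], fac["DI"], fac["EX"], fac["EC"], fac["P"])
    return round(b * a * e, 1)


# Round 1 (constructed): what a static analysis tool can judge from code alone;
# controls, interaction, and every environmental factor remain Unknown.
ROUND1 = dict(TI=0.6, AP=0.7, AL=1.0, IC=UNKNOWN, FC=0.8,
              RP=1.0, RL=1.0, AV=1.0, AS=UNKNOWN, IN=UNKNOWN, SC=UNKNOWN,
              BI=UNKNOWN, DI=UNKNOWN, EX=UNKNOWN, EC=UNKNOWN, P=UNKNOWN)

# Round 2 (constructed): an analyst supplies the operational details and
# recalculates; the Unknown placeholders were masking most of the risk.
ROUND2 = dict(ROUND1, IC=0.9, AS=1.0, IN=0.9, SC=1.0,
              BI=0.9, DI=1.0, EX=1.0, EC=1.0, P=0.8)

if __name__ == "__main__":
    print("round 1 (automated):", cwss_score(ROUND1))  # 7.4
    print("round 2 (analyst):  ", cwss_score(ROUND2))  # 60.4
```

The jump between rounds is the point of multi-round scoring: Unknown values pull every subscore toward the middle, so a finding's true priority only emerges once the environmental factors are filled in.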
Common weakness: Input Validation Attack
This is a client-side code injection attack. It is carried out by executing malicious code in the target's web browser. The malicious script is placed in a legitimate web page or web application; when the target visits that page, the malicious code executes. The web page or web application thus serves as the vehicle that delivers the malicious code to the user's web browser. Common vulnerable entry points for this attack are forums, message boards, and web pages that accept comments.
The vulnerability in a web application or web page comes from user input that is not validated before it is included in the generated output.