===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2022.0048
        AusCERT Bulletin Impact/Access Assessment to CVSS Migration
                              28 January 2022

===========================================================================

OVERVIEW

        AusCERT's own Impact and Access Assessment is being replaced by the
        industry standard CVSS score in our Security Bulletins Service. You
        can filter (or use scripts) for "CVSS (Max)" and "ALERT" to prioritise
        vulnerability management.
        
        We've been planning changes and improvements to our Security Bulletins
        Service for quite some time; you might remember our AusCERT Security
        Bulletins survey released at the end of 2020. Through this process
        it was clear that Security Bulletins are very important to our
        members. However, the detailed Impact and Access Vector assessment,
        while "nice-to-have", is not essential, whereas the CVSS score
        certainly is.
        
        The Impact and Access Vector system was designed by AusCERT many
        years ago, before CVSS Version 1 was released by NVD. For more
        information on CVSS, see https://nvd.nist.gov/vuln-metrics/cvss.
        CVSS has become a well-used worldwide standard, now in its third
        version. Therefore, in place of the AusCERT Impact and Access Vector,
        beginning Monday 31 January 2022 bulletins will have a CVSS score,
        which will make prioritisation and automation much more streamlined.
        A new line in each Security Bulletin, "CVSS (Max)", will show the
        highest scoring CVE and its associated Vector String, as per CVSS
        guidelines.
        
        Some bulletins may not have any CVSS score available from the vendor
        (or NVD) at the time AusCERT redistributes them. Also, history has
        shown that a low-CVSS-scoring vulnerability can over time increase
        in severity for a variety of other reasons. This is where the AusCERT
        Analyst Team's expertise will continue to provide you with relevant
        contextual information: the [ALERT] tag in the email subject line
        informs you that the bulletin is particularly time critical or
        references an actively exploited vulnerability.
        
        As we continue to evolve the Security Bulletins Service you'll start
        to see more information and research from the Analyst Team in the
        form of AusCERT Security Bulletins (ASBs). If you'd like detailed
        information on AusCERT's implementation of CVSS in our Security
        Bulletins, please see our blog here:
        
        https://auscert.org.au/blogs/bulletin-impact-access-to-cvss-migration/
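
        One way to script the "CVSS (Max)" and [ALERT] filtering described
        above, as an added example that is not AusCERT's own code. The
        layout of the "CVSS (Max)" line, the 7.0 threshold, the function
        names and the sample bulletins are assumptions made for illustration.

```python
import re

# ASSUMPTION: the bulletin only names the "CVSS (Max)" line; this layout is assumed:
#   CVSS (Max):  <score> <CVE id> (<vector string>)
CVSS_MAX_RE = re.compile(
    r"^\s*CVSS \(Max\):\s*(?P<score>\d{1,2}(?:\.\d)?)\s+(?P<cve>CVE-\d{4}-\d{4,})"
    r"(?:\s+\((?P<vector>CVSS:[^)]+)\))?", re.MULTILINE)

def parse_bulletin(subject, body):
    """Pull the triage fields out of one bulletin e-mail (subject + text body)."""
    m = CVSS_MAX_RE.search(body)
    if m and not 0.0 <= float(m.group("score")) <= 10.0:
        m = None  # out-of-range score: treat the bulletin as unscored
    return {
        "subject": subject,
        "alert": "[ALERT]" in subject.upper(),
        "score": float(m.group("score")) if m else None,
        "cve": m.group("cve") if m else None,
        "vector": m.group("vector") if m else None,
    }

def priority(b, threshold=7.0):
    """Lower value is handled sooner; threshold is a local policy choice."""
    if b["alert"]:
        return 0  # analyst-flagged regardless of score
    if b["score"] is None:
        return 2  # no vendor/NVD score yet: keep for manual review
    return 1 if b["score"] >= threshold else 3

def triage(bulletins):
    """Sort (subject, body) pairs by priority, then by descending score."""
    parsed = [parse_bulletin(s, t) for s, t in bulletins]
    return sorted(parsed, key=lambda b: (priority(b), -(b["score"] or 0.0)))

# Constructed sample input; ids, CVE numbers and products are placeholders.
SAMPLE = [
    ("ASB-0000.0001 - product A",
     "CVSS (Max):  5.3 CVE-0000-00001 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n"),
    ("ASB-0000.0002 - [ALERT] product B",
     "Product: B\nCVSS (Max):  5.5 CVE-0000-00002 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n"),
    ("ASB-0000.0003 - product C",
     "CVSS (Max):  9.8 CVE-0000-00003 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n"),
    ("ASB-0000.0004 - product D", "Product: D\n(no CVSS line in this bulletin)\n"),
]

if __name__ == "__main__":
    for b in triage(SAMPLE):
        print(priority(b), b["score"], b["cve"], b["subject"])
```

        The [ALERT] bulletin sorts first despite its medium score, and the
        bulletin with no CVSS line stays in the queue rather than being
        filtered out.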


AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================