Vulnerability tree

From Cramsession

Revision as of 21:38, 8 November 2024 by Mflavell (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

✍️ Verified Author: Mflavell • Click to view professional profile & credentials

This tree is used to link vulnerabilities to remediation actions.

Tree Design

 1  [CVE]  [CVE] [CVE] [CVE]
     \      /     \    /
 2   [Module]     [Module]
          \      / 
 3        [Product]
             |
 4        [Action]

Implications

Exploits at layer 1, result from 
vulnerabilities in layer 2
that are implemented in the product or solution at layer 3
The action at layer 4 updates the product, fixing the module and resolving the exploit

Retrieved from "https://cramsession.net/index.php?title=Vulnerability_tree&oldid=654"

Navigation menu