Home News Cisco: Introducing a New Addition to Cisco’s Security Impact Rating

Cisco: Introducing a New Addition to Cisco’s Security Impact Rating

0
Cisco: Introducing a New Addition to Cisco’s Security Impact Rating
0

The Cisco Product Security Incident Response Team (PSIRT) is committed to protecting customers by sharing security-related information in a timely manner and in different formats. Although some of the information that we receive may not relate to a specific vulnerability or issue in a Cisco product, the information may be valuable to our customers. For this reason, PSIRT is introducing a new Security Impact Rating (SIR) for Cisco Security Advisories: Informational.

The Informational rating gives PSIRT the flexibility to provide important security information that may not fit into the traditional Critical, High, Medium, and Low range of SIR values for our security advisories. In advisories that have an Informational SIR, we’ll cover topics such as:

  • Information discussed in a public forum
  • Configuration suggestions
  • General, proactive security outreach

The format of these advisories will be the same as any other type of Cisco Security Advisory. The following figure shows an example of a Cisco Security Advisory that has an Informational SIR:

Key differences from other advisories are the color and text in the advisory badge and the possible absence of Cisco bug IDs, a CVE ID, a CWE ID, and CVSS scores. This is due to the nature of the Informational advisory. Unlike advisories with other SIR values, Informational advisories are likely to discuss potential issues, not proven vulnerabilities or vulnerabilities that affect Cisco products. To learn how the new Informational SIR value compares to existing SIR values, see the Assessing Security Risk section of the Cisco Security Vulnerability Policy.

Read the entire article here, Introducing a New Addition to Cisco’s Security Impact Rating

Via the fine folks at Cisco Systems.

Categories:
Cisco Cisco is the worldwide leader in IT that helps companies seize the opportunities of tomorrow by proving that amazing things can happen when you connect the previously unconnected.

Featured Resources:

Related Articles:

| LATEST FEATURED RESOURCES

White Papers

    Application Lifecycle Management with Stratusphere UX – White Paper

    Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]

    Downloads

      Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

      Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

      On-Demand Webinars

        What’s Going on in EUC Printing – A Technical Deep Dive!

        The IGEL Community and ThinPrint invite you to watch the following technical deep dive webinar. The agenda is to technically bring you up to speed on what’s going on in the EUC Printing space today along with a deep dive into new methods, technologies, printing scenarios and a discussion on why printing still matters. You […]

        Latest Videos

          Views All IT News on DABCC.com
          Views All IT Videos on DABCC.com
          Win big $$, visit ITBaller.com for more info!

          Visit Our Sponsors

          Close