Differences

This shows you the differences between two versions of the page.

security:ratings [2018-07-02 11:54]
Martin Berg
security:ratings [2018-12-02 22:09] (current)
Line 1: Line 1:
-====== Priority and Severity ratings ======+====== Priority and severity ratings ======
 This is a guideline to help our customers prioritize updates and to assess the security impact of known software vulnerabilities. This is a guideline to help our customers prioritize updates and to assess the security impact of known software vulnerabilities.
  
Line 5: Line 5:
 The definitions of the priority ratings are: The definitions of the priority ratings are:
  
-Rating  ^ Definition +Priority  ^ Definition 
-Priority 1  | This update resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Lime recommends administrators install the update as soon as possible. (for example, within 72 hours). + 1  | This update resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Lime recommends administrators install the update as soon as possible. (for example, within 72 hours). 
-Priority 2  | This update resolves vulnerabilities in a product that has historically been at elevated risk. There are currently no known exploits. Based on previous experience, we do not anticipate exploits are imminent. As a best practice, Lime recommends administrators install the update soon (for example, within 30 days). + 2  | This update resolves vulnerabilities in a product that could be at elevated risk. There are currently no known exploits. Based on previous experience, we do not anticipate exploits are imminent. As a best practice, Lime recommends administrators install the update soon (for example, within 30 days). 
-Priority 3  | This update resolves vulnerabilities in a product that has historically not been a target for attackers. Lime recommends administrators install the update at their discretion.  |+ 3  | This update resolves vulnerabilities in a product that has historically not been a target for attackers. Lime recommends administrators install the update at their discretion.  |
  
 ===== Severity ratings ===== ===== Severity ratings =====
 The definitions of the severity ratings are: The definitions of the severity ratings are:
  
-Rating  ^ Definition +Severity  ^ Definition 
-| Critical  | A vulnerability, which, if exploited would allow malicious native-code to execute, potentially without a user being aware. + Critical  | A vulnerability, which, if exploited would allow malicious native-code to execute, potentially without administrators being aware. 
-| Important  | A vulnerability, which, if exploited would compromise data security, potentially allowing access to confidential data, or could compromise processing resources in a user's computer.  | + Important  | A vulnerability, which, if exploited would compromise data security, potentially allowing access to confidential data, or could compromise processing resources. 
-| Moderate  | A vulnerability that is limited to a significant degree by factors such as default configuration, auditing, or is difficult to exploit.  |+ Moderate  | A vulnerability that is limited to a significant degree by factors such as default configuration, auditing, or is difficult to exploit.  |
  
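Review bot: In the Priority 2 row, changing "has historically been at elevated risk" to "could be at elevated risk" drops the only criterion that separated Priority 2 from Priority 3, which still reads "has historically not been a target for attackers". Almost any product could be at elevated risk, so the new wording no longer tells a customer which rating an update will receive. The sentence that follows, "Based on previous experience, we do not anticipate exploits are imminent", also loses its referent once the historical wording is gone. Suggest either keeping the historical wording or stating what puts a product at elevated risk. In the severity table, the Critical row now reads "without administrators being aware" and the Important row drops "in a user's computer"; if the intent is to cover server-side as well as client-side impact, say so in the definition rather than leaving the scope implicit. While the Priority 1 row is being touched, the stray full stop in "as soon as possible. (for example, within 72 hours)." could be removed.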