Security Solutions: Vulnerability Scanner Overview

In this article, I will write a write-up for Vulnerability Scanner Overview that covers What Are Vulnerabilities, Vulnerability Scanning, Tools for Vulnerability Scanning, CVE & CVSS, and OpenVAS.

1. What is the process of fixing the vulnerabilities called? Patching

2. Which type of vulnerability scans require the credentials of the target host? Authenticated

3. Which type of vulnerability scan focuses on identifying the vulnerabilities that can be exploited from outside the network? External

4. Is Nessus currently an open-source vulnerability scanner? (Yea/Nay) Nay

5. Which company developed the Nexpose vulnerability scanner? Rapid7

6. What is the name of the open-source vulnerability scanner developed by Greenbone Security? OpenVAS

7. CVE stands for? Common Vulnerabilities and Exposures

8. Which organization developed CVE? MITRE Corporation

9. What would be the severity level of the vulnerability with a score of 5.3? Medium

10. What is the IP address of the machine scanned in this task? 10.10.154.44

11. How many vulnerabilities were discovered on this host? 13

    As the docker is started, you can now access OpenVAS by typing the following URL inside the browser:

    https://127.0.0.1/login/login.html

    The default login credentials of the tool are mentioned below:

    Username: admin

    Password: admin

    Note: Please be aware that the scanning process can be slow.

12. What is the score of the single high-severity vulnerability found in the scan? 10

13. What is the solution suggested by OpenVAS for this vulnerability? Change the password of the mentioned account(s).

Thank you for reading my article. Please leave any questions or comments on improving my learning journey and the Lab THM challenges. We can also connect more on LinkedIn or X.