Documentation forNetwork Configuration Manager

Firmware Vulnerabilities

This widget displays a list of firmware vulnerability warnings provided by National Institute of Standards and Technology (NIST), with indications of severity and correlation with any nodes NCM currently manages.

NCM 2019.4 with Hotfix 1 (or later) is required to process current firmware vulnerability data from NIST.

Item Description
Entry ID The Common Vulnerabilities and Exposures (CVE) identifier for a specific vulnerability. Click this identifier to view firmware vulnerability details and update the remediation status.
CVSS V2 Base Score

The Common Vulnerability Scoring System (CVSS) uses metrics to determine the severity of a determined vulnerability. The metrics analyze and assign a value to these aspects related to exploiting a vulnerability:

  • Access required
  • Access complexity
  • Authentication requirement
  • Confidentiality protection
  • Integrity or imperviousness of data to change
  • Availability safeguards
Severity

A CVSS score determines the severity of a vulnerability as:

  • Low (0-3.9)
  • Medium (4.0-6.9)
  • High (7.0-10.0)
Target Node(s) The nodes managed by NCM that are potentially threatened by this vulnerability.