This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Amit_Singh4
Participant
‎2018-08-13 09:32 AM

IPS Protection signatures with same name having diff. CVE number

My question is related with IPS Protection signatures. I can see same protection name with number of times having different CVE number. As i understand that these protection release on the basis of respective windows version but If i select only latest release of signatures in Detect/Prevent , does it cover rest of release too of same protection name.  Please find attached file for reference.

Example:-

Latest Release - CVE - 2018-8296 - If i select only this protection signatures to track the logs in detect/prevent...

Question is  - does it cover remaining " CVE-2018-8242, CVE-2018-8242.........................................................................CVE-2017-0158" ?

Preview file
179 KB
2 Replies
ED
Advisor
‎2018-08-13 11:26 PM

No, it does not cover the rest of same protection name. Internet Explorer is one of the most vulnerable products out there and a slight change in the attack will require a new CVE for that attack. For the naming of the attack it would not make any sense to give it a new name each time it was a slight change in the attack concerning Internet Explorer memory corruption. As you also mentioned not every CVE for that same name affects the same vulnerable systems. 

Amit_Singh4
Participant
‎2018-08-14 01:00 AM
In response to ED

Thank you Enis for information. This is helpful.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events