This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Amit_Singh4
Participant
‎2018-08-13 09:32 AM

IPS Protection signatures with same name having diff. CVE number

My question is related with IPS Protection signatures. I can see same protection name with number of times having different CVE number. As i understand that these protection release on the basis of respective windows version but If i select only latest release of signatures in Detect/Prevent , does it cover rest of release too of same protection name.  Please find attached file for reference.

Example:-

Latest Release - CVE - 2018-8296 - If i select only this protection signatures to track the logs in detect/prevent...

Question is  - does it cover remaining " CVE-2018-8242, CVE-2018-8242.........................................................................CVE-2017-0158" ?

Preview file
179 KB
2 Replies
ED
Advisor
‎2018-08-13 11:26 PM

No, it does not cover the rest of same protection name. Internet Explorer is one of the most vulnerable products out there and a slight change in the attack will require a new CVE for that attack. For the naming of the attack it would not make any sense to give it a new name each time it was a slight change in the attack concerning Internet Explorer memory corruption. As you also mentioned not every CVE for that same name affects the same vulnerable systems. 

Amit_Singh4
Participant
‎2018-08-14 01:00 AM
In response to ED

Thank you Enis for information. This is helpful.

0 Kudos