CYB 240 Project One Milestone - Morgan Muttitt

docx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

CYB-210

Subject

Information Systems

Date

Apr 3, 2024

Type

docx

Pages

2

Uploaded by AgentHedgehogPerson918

Report
CYB 240 Project One Milestone Template To complete this template, replace the phrases in brackets with the relevant information. Firewall OpenVAS Report Vulnerability One Identification: CVSS: 10.0 PHP End of Life Detection (Windows). Description: The PHP version has reached the end of its life and should no longer be used. It will not receive any security updates from vendor and unfixed security vulnerabilities might result in an attacker compromising the security. Mitigation: The PHP version on this device should be updated immediately to the correctly supported version to prevent unauthorized access. Vulnerability Two Identification: CVSS: 9.0 PostgreSQL weak password Description: Someone was able to login to the PostgreSQL because the user used weak credentials. Mitigation: Update the password to a strong password immediately. Windows Server OpenVAS Report Vulnerability One Identification: CVSS: 10.0 phpMyAdmin End of Life Detection (Windows) Description: The PHP has reached the end of its life and should no longer be used. It is not receiving any security updates from vendor and created security vulnerabilities. Mitigation: The PHP needs to be updated to the correct version for this device immediately to prevent unauthorized access. Vulnerability Two Identification: CVSS: 7.5 PHP ‘socket_connect()’ Buffer Overflow Vulnerability (Windows) Description: The host has PHP installed and is prone to attack due to stack buffer overflow. Mitigation: Upgrade to version 5.3.7 or later immediately to avoid vulnerabilities. Ubuntu Server OpenVAS Report Vulnerability One Identification: CVSS: 10.0 OS End of Life Detection Description: The operating system has reached the end of its life and should not be used any further. Mitigation: The OS should be updated immediately. Vulnerability Two Identification: CVSS: 7.5 Test HTTP dangerous methods
Description: There is a misconfigured web server that is allowing remote clients to perform actions such as PUT and/or DELETE in the HTTP, this can be misused regarding uploading and/or deleting files. Mitigation: Restrict access to these HTTP methods or disable them immediately.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

HRM Assignment 6.docx
Legal Entanglement Project Part 3 - Policies and Procedures SALVATORE.docx
Lab 03 - Accounts, Permissions, and Network Tools.pdf
Lab 02 - Server Install and Linux File System.pdf
6-1 DISCUSSION WORKING WITH TABLEAU.docx
CPCCBC4007 - ASI - Student Instructions - Assessment 2 - Construction Documentation_V1.7 (7).docx
Performing_a_Vulnerability_Assessment_4e_-_Alejandro_Benavides.pdf
Using_Encryption_to_Enhance_Confidentiality_and_Integrity_4e_-_Alejandro_Benavides.pdf
Exploring_the_Seven_Domains_of_a_Typical_IT_Infrastructure_4e_-_Alejandro_Benavides.pdf
Chapter 5 Individual Assignment.docx
Week4 Homework.docx
White_Paper.docx