Part 1,2 - Use the National Vulnerability Database

Computer Science Assignment - Vulnerability Analysis

Write a concise, but complete report that answers the questions below.  Support your responses with citations (hyperlinks are okay).  

Part 1:  Use the National Vulnerability Database to look up the following vulnerabilities:  CVE-2019-13450 and CVE-2019-13567

1.  What are the vulnerabilities described in these two entries?

2.  What are the CVSS scores for each vulnerability?  Why is one rated to have a higher CVSS score than the other?  Explain.

3.  What STRIDE aspects apply to the vulnerabilities?

4.  What individuals / organizations provided references for these advisories?

Part 2:  Use the keyword search feature of the NVD to find a vulnerability affecting a commonly used software/service/platform (hint:  you can search by company name).    

1.  What is the CVE?  Provide the identifier and a link to the description.

2.  Give a brief description of the vulnerability in your own words.  No need to go into specific technical details, just a high-level description.  

3.  What is the CVSS score?  What factors merited the vulnerability receiving that score?

4.  Based on the entry can you tell:  who discovered it; whether an exploit exists; and if it has been patched.  Provide links to the appropriate references.