Syhunt now supports CVSS v3 vulnerability scoring
We're happy to announce that Syhunt version 6.3, released today, adds full support for CVSS. CVSS stands for Common Vulnerability Scoring System and is an industry open standard designed to convey vulnerability severity and help determine urgency and priority of response.
To enable the best use of the CVSS system, CVSS3 and CVSS2 vectors were assigned to all kinds of vulnerabilities currently detected by Syhunt Dynamic and Syhunt Code. Now, when a report is generated, vulnerabilities are sorted by default based on their CVSS3 score. This means that instead of the classic four-step sorting (High, Medium, Low, Info), there are now 101 possible vulnerability ratings, going from 0.0 (None) to 10.0 (Critical), determined during runtime. In addition to this, XML exports now contain full CVSS3 and CVSS2 data, such as the Base Score, Impact Score, Exploitability Score, Temporal Score and more.
|Low||0.1 - 3.9|
|Medium||4.0 - 6.9|
|High||7.0 - 8.9|
|Critical||9.0 - 10.0|
- Added a Comparison report template that displays the evolution of vulnerabilities over time by automatically comparing previous scan session data related to a specific target.
- Added the ability to compare past scan sessions to determine new, unchanged or removed vulnerabilities, and save the comparison results as HTML (Menu -> Past Sessions -> Compare Checked button).
- Revamped PDF report generation.
We hope you enjoy the new release!