Vulnerability Discovery and Analysis Questions
Practice questions for the Vulnerability Discovery and Analysis topic in CompTIA PenTest+. 17 questions cover this domain.
A penetration tester is using Nikto to scan a web server. What category of vulnerabilities is Nikto PRIMARILY designed to detect?
What is the term for a vulnerability scan result that incorrectly reports a vulnerability on a system that is NOT actually vulnerable?
A penetration tester is performing DAST (Dynamic Application Security Testing) on a web application. Which characteristic distinguishes DAST from SAST...
Which vulnerability scanning tool is commonly associated with credentialed (authenticated) scanning that provides deeper visibility into installed sof...
A penetration tester performs a credentialed Nessus scan of a Linux server and receives a critical finding related to an unpatched kernel vulnerabilit...
A penetration tester performs an unauthenticated vulnerability scan and receives a result flagging a service as vulnerable to a known CVE. Before atte...
A penetration tester is assessing a web application and needs to identify vulnerabilities in the application's source code without running the applica...
A penetration tester reviews a Nessus scan report and notices that a Windows server is flagged for MS17-010 (EternalBlue). The server is running Windo...
A penetration tester performs a vulnerability scan and discovers a finding for CVE-2021-44228 (Log4Shell) on a Java-based application server. Before a...
A penetration tester discovers that a web application uses an older version of a third-party JavaScript library with a known XSS vulnerability. The ap...
A penetration tester is performing a web application security assessment and uses Burp Suite's scanner to identify an injection vulnerability. What ty...
Which term describes a vulnerability for which no patch or fix is currently available from the vendor, often because the vendor is unaware of it?
A penetration tester is reviewing a web application and notices that the server responds with verbose error messages including database names, table s...
What does the CVSS (Common Vulnerability Scoring System) base score measure?
A penetration tester performs an authenticated Nessus scan of a Windows domain controller and discovers a finding titled "MS14-068: Microsoft Kerberos...
A penetration tester is reviewing the output of an OpenVAS vulnerability scan. The tool reports a finding rated CVSS 9.8 on a public-facing server. Be...
A penetration tester is assessing a web application and discovers that the application uses JWT (JSON Web Token) authentication. When inspecting a cap...