This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Summit 2011 Working Sessions/Session203/Deliverable 2"
From OWASP
(Created page with ' Open Web Application Security Program - Security Bulletin [RELEASEDATE] ---------------------------------------------------------------------------- FLAW TITLE (CVE-…') |
Sandra Paiva (talk | contribs) |
||
| Line 1: | Line 1: | ||
| + | == Deliverable 2 == | ||
| + | |||
| + | '''OWASP Security Bulletin Template''' | ||
| + | |||
| + | |||
Open Web Application Security Program - Security Bulletin [RELEASEDATE] | Open Web Application Security Program - Security Bulletin [RELEASEDATE] | ||
---------------------------------------------------------------------------- | ---------------------------------------------------------------------------- | ||
Latest revision as of 19:48, 28 January 2011
Deliverable 2
OWASP Security Bulletin Template
Open Web Application Security Program - Security Bulletin [RELEASEDATE]
----------------------------------------------------------------------------
FLAW TITLE
(CVE-????)
SUMMARY
----------------------------------------------------------------------------
Short description of the flaw and how it was discovered.
CVSS SCORE (Overall Score in Parenthesis)
----------------------------------------------------------------------------
Calculated at http://nvd.nist.gov/cvss.cfm?calculator&version=2
CVSS Base Score
?
Impact Subscore
?
Exploitability Subscore
?
CVSS Temporal Score
?
CVSS Environmental Score
Undefined (We can't calculate environmental factors)
Overall CVSS Score
?
DETAILS
----------------------------------------------------------------------------
Details of the flaw, including research notes should go into this section.
IMPACT
----------------------------------------------------------------------------
Potential impact of the flaw should be described here
LIKELIHOOD OF EXPLOIT
----------------------------------------------------------------------------
Likelihood that the flaw would be exploited should go here. Details such as
whether the flaw is in the wild, if proof of concept code exists, if that
code is publicly available or has been released, and other factors relating
to the likelihood of the flaw being exploted should all be disclosed here.
AFFECTED VERSIONS
----------------------------------------------------------------------------
Projects and versions that are vulnerable
ISSUE TRACKER LINKS
----------------------------------------------------------------------------
Links to issues in the project(s) issue trackers should be listed here
WORKAROUND
----------------------------------------------------------------------------
If a workaround solution exists, it should be detailed here
PERMANENT RESOLUTION
----------------------------------------------------------------------------
If a permanent solution exists, it should be detailed here
----------------------------------------------------------------------------
OWASP Projects Security Disclosure Group [email protected]
PGP: ????
