Professional Documents
Culture Documents
SUPERXTRA
May 2023
Objective
Provide SUPERXTRA the results of analyzes listed bellow, indicating the risks and
vulnerabilities detected in the assets. This with the purpose of delivering an executive
report of risk treatment or mitigation recommendations, to minimize the risk level of the
analyzed assets.
Executive Summary
Camel Secure provides an assessment of existing vulnerabilities that were found in the
scans listed below:
The assets that were included in the analyzes are listed in the following table:
The objective of this report is to present the risks associated with your infrastructure, but
even more importantly, the risks associated with the Business Services.
This document details the identification of the vulnerabilities found.We will be able to
see the criticality of each one, the committed asset and how they are related to the
Business Services.
2
Assessment Calculation
For the analysis result, an evaluation scale is used that allows us to obtain a level of the
security state, which is based on the Scoring CVSS System (Common Vulnerability
Scoring System).
CVSS
Risk Description
Score
They are considered informative findings since they only provide
None 0.0
information of the system operation.
Low 0.1 - 3.9 Vulnerabilities with low impact on the system.
Vulnerabilities that affect one or more components of the system,
but complex to exploit or that do not have a total impact on the
Medium 4.0 - 6.9
confidentiality or integrity of the information, neither on the
availability of services.
They completely affect the availability of the services, the integrity
High 7.0 - 8.9 of the information or its confidentiality; however, special
characteristics are required for their exploitation.
They completely affect the availability of services, the integrity of
Critical 9.0 - 10.0 the information or its confidentiality. They don't require specific
characteristics or knowledge for their exploitation.
3
Summary of Findings
Consolidated
Details of Findings
The following list show the vulnerabilities found and the affected assets, orber by
criticality.
5
Affected Business Services
6
Affected Operating Systems
OS Nº Vulnerabilities
Microsoft Windows Server 2012 R2 Standard Edition 2
7
Vulnerabilities by Criticality
Criticality Nº Vulnerabilities
Critical 2
High 12
Medium 0
Low 0
Total 14