AnsweredAssumed Answered

Vulnerability Title Changes

Question asked by David Moule on May 15, 2015
Latest reply on May 24, 2015 by David Moule

I have noticed that the title of three vulnerabilities have been changed as follows;

 

Example 1:

 

WAS: VMWare ESX 4.0.0 Patch Release ESX400-201305001 Missing (KB2044243)

NOW: VMWare ESX 4.0.0 Patch Release ESX400-201305001 Missing (KB2044240)

 

Example 2:

WAS: Adobe Flash Player Remote Code Execution Vulnerability - Zero Day

NOW: Adobe Flash Player Remote Code Execution Vulnerability (APSB15-03)

 

Example 3:

WAS: Microsoft Windows SHA-2 Hashing Algorithm for Windows 7 and Windows Server 2008 R2 Missing (KB2949927)

NOW: Microsoft Windows SHA-2 Hashing Algorithm for Windows 7 and Windows Server 2008 R2 Missing (KB3033929)

 

Can someone tell me if this is a common occurrence, and if it is possible to access  a list of the vulnerabilities that have changed. Also, if the title is changed does this get recorded on the Service Modified field. If so, the help file needs to be amended to reflect this  as at present title is not mentioned.

 

The reason I need to know this is associated with the mechanism by which we correlate vulnerabilities with our ticketing system and yes I know that utilizing the QID would be  a unique solution that would be far more consistent.

 

Thanks

Outcomes