AnsweredAssumed Answered

Exploitable unauthenticated vulnerabilities

Question asked by James Hamill on Aug 1, 2018
Latest reply on Aug 1, 2018 by DMFezzaReed

Hi all, 

 

As part of a risk assessment, I want to include some data on vulnerabilities that are exploitable without authentication. My gut feel is that the simplest way to gather this data would be to conduct an unauthenticated scan of the hosts in question. I was more wondering if there was any data associated with a QID that would state whether or not the vulnerability is exploitable when unauthenticated or not? 

 

Thanks in advance for any guidance on this, even if it's merely confirming that an unauthenticated scan is the best approach! 

Outcomes