Alexander Bergmann
By: Alexander Bergmann

December 22, 2017 3:37 am

550 views

We will switch to CVSS v3.0 starting in 2018

After our announcement back in January this year, and a transition phase where we scored both version 2 and version 3, we will finally switch entirely to the Common Vulnerability Scoring System (CVSS) version 3.0 for vulnerability assessment with the beginning of 2018. Customers who automatically check our v2 scoring will no longer see any […]

Read More



By: msmeissn

September 5, 2017 8:33 pm

1,068 views

Our CVE Pages – self help to security issues in SUSE Linux Enterprise

SUSE CVE Pages SUSE offers various self-service options for getting information on Security Issues. One of these self-service options that are intended for human consumption are our CVE Pages. For every CVE that might be related to our products we provide a webpage with our current status. These pages cover SUSE Enterprise products, and also contain […]

Read More


chamilton
By: chamilton

March 31, 2017 10:20 am

2,726 views

Security Vulnerability Scanners on Enterprise Linux

Colin Hamilton coming at you again from the SUSE team. In this post I want to discuss security vulnerability scanners and their role in an Enterprise Linux environment like SUSE. This role is a common pitfall I’ve seen that lead customers to our support team. So what’s the problem? Well, vulnerability scanners are kinda dumb. […]

Read More



By: jlove

January 16, 2017 9:17 am

1,953 views

SUSE will move to CVSS v3.0

One aspect of IT security is risk assessment and risk management. Newly announced or discovered vulnerabilities need to be evaluated and put into context to understand the impact they have. A widely-used framework to measure such issues is the Common Vulnerability Scoring System (CVSS). In practice currently two versions – CVSS v2 released in 2007 […]

Read More



By: Rich Paredes

August 4, 2015 11:42 am

2,583 views

Stay Up On Latest Security Vulnerabilities

Staying updated on the latest security vulnerabilities can be daunting which can understandably lead you to ask whether a particular version of SLES is vulnerable. The first thing to note when you get a security notification, for example from https://cve.mitre.org, https://nvd.nist.gov, or even by word of mouth, is the CVE identifier which will look similar to this: CVE-2015-5477 …

Read More