https://live.paloaltonetworks.com/t5/general-topics/how-is-the-threat-severity-level-determined/m-p/7655#M5653 <HTML><HEAD></HEAD><BODY><P>By threat severity I mean the Critical, High, Medium, Low and informational in the threat prevention table </P></BODY></HTML> Mon, 22 Aug 2011 20:34:20 GMT neil_collins 2011-08-22T20:34:20Z https://live.paloaltonetworks.com/t5/general-topics/how-is-the-threat-severity-level-determined/m-p/7653#M5651 <HTML><HEAD></HEAD><BODY><P>How is the threat severity level determined?</P><P></P><P>Critical, High, Medium, Low or Informational</P><DIV> </DIV></BODY></HTML> Mon, 22 Aug 2011 17:45:13 GMT https://live.paloaltonetworks.com/t5/general-topics/how-is-the-threat-severity-level-determined/m-p/7653#M5651 neil_collins 2011-08-22T17:45:13Z https://live.paloaltonetworks.com/t5/general-topics/how-is-the-threat-severity-level-determined/m-p/7654#M5652 <HTML><HEAD></HEAD><BODY><P> Hi,</P><P></P><P>The document at this link contains the matrix for determining threat severity.</P><P><A href="https://live.paloaltonetworks.com/docs/DOC-1051">https://live.paloaltonetworks.com/docs/DOC-1051</A></P></BODY></HTML> Mon, 22 Aug 2011 20:25:25 GMT https://live.paloaltonetworks.com/t5/general-topics/how-is-the-threat-severity-level-determined/m-p/7654#M5652 nrice 2011-08-22T20:25:25Z https://live.paloaltonetworks.com/t5/general-topics/how-is-the-threat-severity-level-determined/m-p/7655#M5653 <HTML><HEAD></HEAD><BODY><P>By threat severity I mean the Critical, High, Medium, Low and informational in the threat prevention table </P></BODY></HTML> Mon, 22 Aug 2011 20:34:20 GMT https://live.paloaltonetworks.com/t5/general-topics/how-is-the-threat-severity-level-determined/m-p/7655#M5653 neil_collins 2011-08-22T20:34:20Z https://live.paloaltonetworks.com/t5/general-topics/how-is-the-threat-severity-level-determined/m-p/7656#M5654 <HTML><HEAD></HEAD><BODY><P><STRONG>Critical</STRONG>l vulnerabilities typically affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special&nbsp; authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.</P><P><STRONG>High </STRONG>vulnerabilities typically have the ability to become critical but have mitigating factors that make them less attractive to attackers. They may be difficult to exploit,.do not result in elevated privileges or do not have a large victim pool.</P><P><STRONG>Moderate</STRONG>vulnerabilities are those where the scales are tipped in favor of the victim, such as a denial of service attack which does not compromise the target. They include exploits that require an attacker to reside on the same LAN as the victim, affect only non-standard configurations or obscure applications, or the exploitation only provides very limited access.</P><P><STRONG>Low </STRONG>vulnerabilities typically have very little impact on an organization's infrastructure.&nbsp; They usually require local or physical system access and may often result in victim privacy or DoS issues and information leakage. </P><P><STRONG>Informational </STRONG>vulnerabilities may be suspicious events that are reported to call attention that deeper problems could possibly exist.</P></BODY></HTML> Mon, 22 Aug 2011 22:09:52 GMT https://live.paloaltonetworks.com/t5/general-topics/how-is-the-threat-severity-level-determined/m-p/7656#M5654 nrice 2011-08-22T22:09:52Z