
Exploitability in Mend SCA

Overview

This feature enhances the security of your software by exposing known public exploits for detected open-source vulnerabilities within the Mend AppSec Platform. By proactively identifying and highlighting vulnerabilities that have public exploits, we empower users to take immediate action and prioritize the necessary remediation efforts.

Further reading that will help you get acquainted with public exploits.

Getting it done

Prerequisites before getting started with Exploitability

Viewing Exploitability Statuses in the Mend AppSec Platform

A known exploit is displayed only when the Exploit Code Maturity is "Proof of concept" or higher ("Proof of concept" / "Functional" / "High").

The exploitability information is presented in the Dependencies section of your application or project. It is available under the Risk Factors column in various tables, e.g., Direct Libraries, Findings, etc.

Step 1 - Navigate to the Dependencies screen of your desired application/project.


Step 2 - Clicking the exploitable CVE, its Severity, or its Risk Factors takes you to the CVE Details window.


Step 3 - At the top, you can see all the Risk Factors impacting the CVE.

The exploitability information is displayed under the Threat Assessment section:


Exploitability Information

The Threat Assessment section displays the following parameters:

  • Exploit Maturity
    Available statuses are Not defined, Unproven, Proof of concept, Functional and High.

    • Proof of concept - Exploit code is accessible, or a practical attack demonstration is challenging for many systems. The code or technique may not be functional in all scenarios and could demand significant alteration by a skilled attacker.

    • Functional - The code works in most situations where the vulnerability exists.

    • High - Functional autonomous code exists, or no manual exploit is needed (automatic activation), and information is widely accessible. The code functions universally, or it is being spread by self-operating agents such as worms or viruses. Network-connected systems will probably face scanning or attacks. Exploit creation is advanced, with dependable, widely available, user-friendly automation tools.

  • EPSS (%)
    EPSS predicts the likelihood of a vulnerability being exploited in the wild. It provides a score between 0 and 1, where higher scores indicate a greater probability of active exploitation. However, it does not guarantee exploitation; it simply means that, based on the data and models used to generate the score, there is a higher probability that attackers might target this vulnerability.

Exploitability in the Mend API

API 3.0

Two parameters, exploitCodeMaturity and epssPercentage, have been added to the Get Project Security Findings (Dependencies - SCA) call. They appear under the threatAssessment section of the response:


More information about these API calls is available in the Mend API.
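As an added example (not Mend's own code or a verbatim API response), the script below consumes a constructed Get Project Security Findings response and ranks findings by the two threatAssessment fields described above: it keeps only findings whose exploitCodeMaturity is "Proof of concept" or higher, orders them by maturity and then by epssPercentage, and skips findings that carry no threatAssessment section at all. The response envelope (a "retVal" list of findings) and the CVE names are assumptions made for the sample; only the exploitCodeMaturity and epssPercentage field names come from this page.

```python
import json

# Exploit Code Maturity levels as listed on this page, ordered from weakest
# to strongest evidence. A finding counts as having a known exploit only at
# "Proof of concept" or higher.
MATURITY_ORDER = ["Not defined", "Unproven", "Proof of concept", "Functional", "High"]
KNOWN_EXPLOIT_FLOOR = MATURITY_ORDER.index("Proof of concept")

# Constructed sample response, NOT real Mend output. The "retVal" envelope and
# the CVE names are assumed; exploitCodeMaturity / epssPercentage are the
# documented field names. EPSS values are kept in whatever unit the API uses.
SAMPLE_RESPONSE = json.loads("""
{
  "retVal": [
    {"name": "CVE-EXAMPLE-0001", "severity": "HIGH",
     "threatAssessment": {"exploitCodeMaturity": "Functional", "epssPercentage": 0.80}},
    {"name": "CVE-EXAMPLE-0002", "severity": "CRITICAL",
     "threatAssessment": {"exploitCodeMaturity": "Unproven", "epssPercentage": 0.04}},
    {"name": "CVE-EXAMPLE-0003", "severity": "MEDIUM",
     "threatAssessment": {"exploitCodeMaturity": "High", "epssPercentage": 0.41}},
    {"name": "CVE-EXAMPLE-0004", "severity": "HIGH"}
  ]
}
""")

def maturity_rank(finding):
    """Index into MATURITY_ORDER; unknown or missing maturity ranks as 'Not defined'."""
    ta = finding.get("threatAssessment") or {}
    maturity = ta.get("exploitCodeMaturity", "Not defined")
    return MATURITY_ORDER.index(maturity) if maturity in MATURITY_ORDER else 0

def has_known_exploit(finding):
    """True when the platform would show a known exploit (PoC or higher)."""
    return maturity_rank(finding) >= KNOWN_EXPLOIT_FLOOR

def epss(finding):
    ta = finding.get("threatAssessment") or {}
    return float(ta.get("epssPercentage") or 0.0)

def prioritize(response):
    """Findings with a known public exploit, most exploitable first: highest
    maturity, then highest EPSS. Findings without a threatAssessment section
    (no exploitability data) are excluded, mirroring the UI behaviour."""
    exploitable = [f for f in response.get("retVal", []) if has_known_exploit(f)]
    return sorted(exploitable, key=lambda f: (maturity_rank(f), epss(f)), reverse=True)

if __name__ == "__main__":
    for f in prioritize(SAMPLE_RESPONSE):
        ta = f["threatAssessment"]
        print(f"{f['name']:18} {f['severity']:9} {ta['exploitCodeMaturity']:17} EPSS {ta['epssPercentage']}")
```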

Exploitability in the Repo Integrations

The exploitability data can also be toggled on in the repo integration by adding "exploitability": true to the scanSettings section of the .whitesource config file.

  • If scanSettings.exploitability is set to true and the vulnerability has exploitability data → this will be reflected in the issues and security check

  • If scanSettings.exploitability is set to true and the vulnerability has no exploitability data → no threat assessment information is displayed for the vulnerability in the table, and the "Threat Assessment" section is not shown in the details

Example:

CODE
{
  "scanSettings": {
    "configMode": "AUTO",
    "enableLicenseViolations": true,
    "baseBranches": [],
    "exploitability": true
  }
}