What is “Common Vulnerabilities and Exposures”
CVE is the abbreviation of Common Vulnerabilities and Exposures and is a publicly disclosed list of computer security vulnerabilities. When someone refers to CVE, they refer to a security vulnerability assigned a CVE identification number.
security bulletins issued by vendors and researchers almost always mention at least one CVE ID. CVE can help IT professionals coordinate their work, prioritize and resolve these vulnerabilities, thereby making computing systems more secure.
That means CVE identification numbers are given right after a Zero-Day vulnerability identified by Security Researchers.
What is Zero-Day Vulnerability
A zero-day vulnerability is a vulnerability in a system or device that has been disclosed but is not yet patched. An exploit that attacks a zero-day vulnerability is called a zero-day exploit.
Who owns CVE?
CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Operating as DHS’s Federally Funded Research and Development Center (FFRDC), MITRE has copyrighted the CVE List for the benefit of the community to ensure it remains a free and open standard, as well as to legally protect the ongoing use of it and any resulting content by government, vendors, and/or users. In addition, MITRE has trademarked ® the CVE acronym and the CVE logo to protect their sole and ongoing use by the CVE effort within the cybersecurity arena.
How to detect Version Vulnerabilities Passively
As Threat Intelligence Analyst we have to identify CVE numbered vulnerabilities in an unnoticed way.
Therefore tools like Nmap, Nikto, etc. are out of our scope,
Here are some tools that I recommend using to identify version vulnerabilities:
1- AwesomeTechStack.com
AwesomeTechStack provides insights into the security, modernity, and performance of any website’s technology stack and guidance to improve core web vitals and technology stack awesomeness.
2- WhatCms.org
WhatCMS.org handles requests from users around the world seeking to find out more about the websites they’re using. There are hundreds of content management systems in use on the web with significantly different amounts of usage.
3- Wappalyzer.com
Wappalyzer, founded by Elbert Alias in 2008, is a technology profiler and lead data provider. Our products provide sales and marketing teams with technographic insights and tools for lead generation, market analysis, and competitor research.
4- WhatRuns.com
WhatRuns is a new but advanced browser extension that helps you identify web technologies used on any website. Our proprietary pattern recognition algorithm efficiently detects even the latest web technologies and plugins used on websites.
WhatRuns extension can be used for competitor analysis, sales intelligence, and website profiling.
5- BuiltWith.com
BuiltWith technology tracking includes widgets, analytics, frameworks, content management systems, advertisers, content delivery networks, web standards, and web servers to name some of the technology categories we cover.
You can also reach the history of technologies
Sources:
What is a CVE? (redhat.com)
Common Vulnerabilities and Exposures — Wikipedia