Basic concepts

更新时间:
复制 MD 格式

This topic describes the terms used in Security Center.

Term

Description

CVSS

Common Vulnerability Scoring System (CVSS) is an open framework used to uniformly assess and quantify the severity of security vulnerabilities, helping you prioritize vulnerability remediation.

DDoS

Distributed Denial of Service (DDoS) is an attack in which an attacker uses multiple compromised systems (botnets) to flood targets with requests, exhausting their resources (bandwidth, CPU, memory, and more) and preventing legitimate users from accessing the service.

Web-CMS

Web Content Management System (Web-CMS) manages web page content, metadata, and other information assets through content repositories or databases. Common Web-CMS platforms may contain security vulnerabilities that attackers can exploit.

Baseline

A security baseline defines the minimum security configuration standards for operating systems, databases, and middleware. It covers weak password detection, account permission management, identity authentication, password policies, access control, security auditing, and intrusion prevention. Security Center provides baseline checks that scan configurations across operating systems, databases, and middleware. It offers security baselines (weak passwords, unauthorized access, historical vulnerabilities, and configuration red-line checks) and compliance baselines (classified protection compliance and internationally recognized security best practices), covering more than 30 system versions and more than 10 databases and middleware types.

Code execution

Code execution is an attack technique in which an attacker exploits application vulnerabilities to run malicious code or commands on a target server. If successful, code execution can lead to data leakage, allow an attacker to take control of the server, or use it as a foothold for further attacks.

Local privilege escalation

Local privilege escalation is a security threat in which an attacker exploits a system vulnerability to elevate their privileges from a low-privileged account to the highest system privileges (such as root or Administrator), gaining full control over the server. This type of vulnerability can bypass the security defense system and directly threaten system and data security.

Vulnerability

A vulnerability is a flaw in an operating system, application software, or security policy configuration, which may result from logic design oversights or coding errors. Attackers can exploit these flaws to access systems, steal data, or disrupt services without authorization. System administrators should promptly fix detected vulnerabilities.

Weak password

A weak password is a password that is easy to guess or crack through brute-force attacks. Weak passwords typically have the following characteristics: fewer than 8 characters, fewer than 3 character types, or use common passwords found in publicly available hacker dictionaries. Once an attacker obtains a weak password, they can directly log in to the system and even read or modify website code, posing serious security risks.