Forum Discussion
Security End of Life (SEoL) Plugin Conversions 2023 Q3...
In my opinion any SEoL should have a severity high or critical. Is there a reason why
182270 "Apache Subversion Server SEoL (1.10.x)"
182333 "Apache Subversion Client SEoL (1.10.x)"
182337 "Apache Subversion Client SEoL (1.9.x)"
182346 "Apache Subversion Client SEoL (1.11.x)"
are rated "low" whereas from the same family
182328 "Apache Subversion Client SEoL (1.8.x)"
is rated "critical"?
From past experience, the low-rated ones will never be adjusted in the future, even if they get older and thus more severe (even if there might be arguments to have them "low" today). Also from experience, nobody will take care of low ones, as this is the often-cited "risk-based approach".
EDIT:
There are similar inconsistencies with "VMware Carbon Black App Control SEoL" and (sic!) "Tenable Nessus * SEoL"
There should be a consistent rating of "Critical" throughout all SEoL plugins.
- zcerkovnik, 2 years ago, Employee
Hello Joerg. Please see the blog post which accompanied the release of the SEoL framework earlier this year. Additionally, there is an FAQ document that may help provide clarity.