NIS 2 21.2.f

Policies on vulnerability handling

UnveilScan findings mapped to this control

The scanner emits 4 distinct findings on this control. Click "Scan a domain" below to see which of them currently apply to your site, with copy-paste remediation snippets (nginx, Apache, DNS BIND, web-server config).

web.cisa_kev ⏱ 1 day

WEB — Cisa kev

Risk if ignored: CISA KEV lists CVEs with documented active exploitation. Delay = compromise — US federal agencies have hard-deadline patching for this list.

security legal

Also maps to 3 other controls

web.cve_2022_22965_spring4shell ⏱ 4h

WEB — Cve 2022 22965 spring4shell

Risk if ignored: Remote code execution on a Spring backend is trivial with publicly documented payloads.

security

Also maps to 3 other controls

web.js_lib_cve ⏱ 15 min

WEB — Js lib cve

Risk if ignored: Low impact, mostly a maturity signal. Fix when you next touch this area.

operational

Also maps to 3 other controls

web.tech_cve ⏱ 15 min

WEB — Tech cve

Risk if ignored: Low impact, mostly a maturity signal. Fix when you next touch this area.

operational

Also maps to 3 other controls