User Guide Functional Overview Requirements Architecture System Installation NetEye Additional Components Installation Setup The neteye Command Director NetEye Self Monitoring Tornado Business Service Monitoring IT Operation Analytics - Telemetry Geo Maps NagVis Audit Log Shutdown Manager Reporting ntopng Visual Monitoring with Alyvix Elastic Stack IT Operations (Command Orchestrator) Asset Management Service Level Management Cyber Threat Intelligence - SATAYO NetEye Update & Upgrade How To NetEye Extension Packs Troubleshooting Security Policy Glossary
module icon Security Policy
Bugfix Policy Reporting Vulnerabilities
NetEye Update & Upgrade How To NetEye Extension Packs Troubleshooting Security Policy Glossary Introduction to NetEye Monitoring Business Service Monitoring IT Operation Analytics Visualization Network Visibility Log Management & Security Orchestrated Datacenter Shutdown Application Performance Monitoring User Experience Service Management Service Level Management & Reporting Requirements for a Node Cluster Requirements and Best Practices NetEye Satellite Requirements TCP and UDP Ports Requirements Additional Software Installation Introduction Single Node Cluster NetEye Master Master-Satellite Architecture Underlying Operating System Acquiring NetEye ISO Image Installing ISO Image Single Nodes and Satellites Cluster Nodes Configuration of Tenants Satellite Nodes Only Nodes behind a Proxy Additional NetEye Components Single Node Cluster Node Satellites Nodes only Verify if a module is running correctly Accessing the New Module Cluster Satellite Security Identity and Access Management External Identity Providers Configure federated LDAP/AD Emergency Reset of Keycloak Configuration Advanced Configuration Authorization Resources Tuning Advanced Topics Basic Concepts & Usage Advanced Topics Monitoring Environment Templates Monitored Objects Import Monitored Objects Data Fields Deployment Icinga 2 Agents Configuration Baskets Dashboard Monitoring Status VMD Permissions Notifications Jobs API Configuring Icinga Monitoring Retention Policy NetEye Self Monitoring 3b Concepts Collecting Events Add a Filter Node WHERE Conditions Iterating over Event fields Retrieving Payload of an Event Extract Variables Create a Rule Tornado Actions Test your Configuration Export and Import Configuration Example Under the hood Development Retry Strategy Configuration Thread Pool Configuration API Reference Configure a new Business Process Create your first Business Process Node Importing Processes Operators The ITOA Module Configuring User Permissions Telegraf Metrics in NetEye Telegraf Configuration Telegraf on Monitored Hosts Visualizing Dashboards Customizing Performance Graph The NetEye Geo Map Visualizer Map Viewer Configuring Geo Maps NagVis 3b Audit Log 3b Overview Shutdown Manager user Shutdown Manager GUI Shutdown Commands Advanced Topics Overview User Role Management Cube Use Cases ntopng and NetEye Integration Permissions Retention Advanced Topics Overview User Roles Nodes Test Cases Dashboard Use Cases Overview Architecture Authorization Elasticsearch Overview Enabling El Proxy Sending custom logs to El Proxy Configuration files Commands Elasticsearch Templates and Retentions El Proxy DLQ Blockchain Verification Handling Blockchain Corruptions El Proxy Metrics El Proxy Security El Proxy REST Endpoints Agents Logstash Elastic APM Elastic RUM Log Manager - Deprecated Overview Authorization in the Command Orchestrator Module Configuring CLI Commands Executing Commands Overview Permissions Installation Single Tenancy Multitenancy Communication through a Satellite Asset collection methods Display asset information in monitoring host page Overview Customers Availability Event Adjustment Outages Resource Advanced Topics Introduction Getting Started SATAYO Items Settings Managed Service Mitre Attack Coverage Changelog Before you start Update Procedure Single Node Upgrade from 4.41 to 4.42 Cluster Upgrade from 4.41 to 4.42 Satellite Upgrade from 4.41 to 4.42 DPO machine Upgrade from 4.41 to 4.42 Create a mirror of the RPM repository Sprint Releases Feature Troubleshooting Tornado Networking Service Management - Incident Response IT Operation Analytics - Telemetry Identity Provider (IdP) Configuration Introduction to NEP Getting Started with NEPs Online Resources Obtaining NEP Insights Available Packages Advanced Topics Upgrade to NetEye 4.31 Setup Configure swappiness Restarting Stopped Services Enable stack traces in web UI How to access standard logs Director does not deploy when services assigned to a host have the same name How to enable/disable debug logging Activate Debug Logging for Tornado Modules/Services do not start Sync Rule fails when trying to recreate Icinga object How to disable InfluxDB query logging Managing an Elasticsearch Cluster with a Full Disk Some logs are not indexed in Elasticsearch Elasticsearch is not functioning properly Reporting: Error when opening a report Debugging Logstash file input filter Bugfix Policy Reporting Vulnerabilities Glossary 3b

Bugfix Policy

The following section describes how and when we resolve security bugs in our products.

Security Bug Fix Service Level Objectives (SLO)

NetEye sets service level objectives for fixing security vulnerabilities based on the security severity level and the affected package. The following timeframes for fixing security issues in our product have been defined:

Standard Resolution Timeframe

The following resolution timeframes are respected should a security vulnerability be discovered within NetEye:

  • Critical, High severity bugs in product to be fixed within 90 days of being verified

  • Medium, Low severity bugs to be fixed in product within 180 days of being verified

Critical Vulnerabilities

When a Critical security vulnerability is discovered by a third party or Würth Phoenix itself, the latter will release a fix for the current version of the product:

For example: If a bug is discovered in 4.29 (current version) and the fix is ​​released 90 days later (current version after 90 days: 4.30) only 4.30 will be fixed.

Note

The bugfixes are not backported to versions prior to the one where the bug was fixed. This is why it is important to stay on the latest release for the version of the product you are using (this is best practice).

Non-critical vulnerabilities

When a security issue of a High, Medium or Low severity level is discovered, NetEye will aim to release a fix for the current version of the product within the service level objectives listed in Standard Resolution Timeframe.

You should upgrade your installations when a bug fix release becomes available to ensure that the latest security fixes have been applied.

Severity Levels

NetEye uses Common Vulnerability Scoring System (CVSS) as a method of assessing security risk and prioritization for each discovered vulnerability. CVSS is an industry standard vulnerability metric. You can learn more about CVSS at FIRST.org.

NetEye security advisories include a severity level. It is based on our self-calculated CVSS score for each specific vulnerability.

  • Critical

  • High

  • Medium

  • Low

For CVSS v3 WuerthPhoenix uses the following severity rating system:

CVSS V3 Score Range

Severity in Advisory

9.0 - 10.0

Critical

7.0 - 8.9

High

4.0 - 6.9

Medium

0.1 - 3.9

Low

In some cases, NetEye may use additional factors unrelated to CVSS score to determine the severity level of a vulnerability. This approach is supported by the CVSS v3.1. Should this approach be taken, NetEye will describe which additional factors have been considered and why upon publicly disclosing the vulnerability.

Below are a few examples of vulnerabilities which may result in a given severity level. Please keep in mind that this rating does not take into account details of your installation and are to be treated purely for a guide purpose.

Severity Level: Critical

Vulnerabilities that score in the critical range usually have most of the following characteristics:

  • Exploitation of the vulnerability likely results in root-level compromise of servers or infrastructure devices.

  • Exploitation is usually straightforward, in the sense that the attacker does not need any special authentication credentials or knowledge about individual victims, and does not need to persuade a target user, for example via social engineering, into performing any special functions.

For critical vulnerabilities it is recommended that you patch or upgrade as soon as possible, unless you have other mitigating measures in place. For example, prohibiting access to your installation from the Internet can serve as a mitigating factor.

Severity Level: High

Vulnerabilities that score in the high range usually have some of the following characteristics:

  • The vulnerability is difficult to exploit.

  • Exploitation could result in elevated privileges.

  • Exploitation could result in a significant data loss or downtime.

Severity Level: Medium

Vulnerabilities that score in the medium range usually have some of the following characteristics:

  • Vulnerabilities that require the attacker to manipulate individual victims via social engineering tactics.

  • Denial of service vulnerabilities that are difficult to set up.

  • Exploits that require an attacker to reside on the same local network as the victim.

  • Vulnerabilities where exploitation provides only very limited access.

  • Vulnerabilities that require user privileges for successful exploitation.

Severity Level: Low

Vulnerabilities in the low range typically have very little impact on an organization’s business. Exploitation of such vulnerabilities usually requires local or physical system access. Vulnerabilities in third party code that are unreachable from NetEye code may be downgraded to low severity.

Operating System

In NetEye we rely on the Red Hat Enterprise Linux 8 (RHEL 8) as an OS. This means that in terms of RedHat Lifecycle policy all OS packages will receive security updates and bug fixes.

Open Source Stack

There are a number of third-party software integrated within NetEye, which function in accordance with their own licenses and bug-fixing policies.

We actively cooperate with all third parties in order to fix vulnerabilities for the convenience of our customers. On top of that, Wuerth Phoenix is always aiming to detect vulnerabilities and report them to the software producers in order for them to process according to their own security policies.

Blog Online Demo Training
Contact Us
© 2025, Wuerth Phoenix S.r.l.
VAT ID 01054690217
Privacy Cookies