Security News > 2021 > September > Unpatched Bugs Plague Databases; Your Data Is Probably Not Secure – Podcast
Imperva's Elad Erez discusses findings that 46 percent of on-prem databases are sitting ducks, unpatched and vulnerable to attack, each with an average of 26 flaws.
A five-year longitudinal study found that nearly one out of every two on-premises databases globally - 46 percent - is vulnerable to attack, given that it has at least one unpatched vulnerability.
The study, which involved 27,000 scanned databases globally, discovered that more than half - 56 percent - of those CVEs are rated "High" or "Critical" in severity, indicating that routine patching is being shrugged off by many organizations.
Conducted by Imperva Research Labs and published on Tuesday, the study - carried out with the company's database-scanning service - also found that the average database contains 26 unpatched CVEs.
Some of those vulnerabilities have left databases open to attack for three or more years - a scandalous length of time, given the sensitivity and value of data.
Erez popped into the Threatpost podcast to discuss the results of the unprecedented study, which managed to reach into organizations' shadowy nooks and crannies - on private, local networks - to suss out how their owners manage the security of databases that aren't exposed to the internet.
News URL
https://threatpost.com/unpatched-databases-data-not-secure-podcast/169428/