What is a common vulnerability scoring system score?
CISSP Flashcards: Security Assessment, Penetration Testing, Vulnerability Management
Audio flashcard · 0:39Nortren·
What is a common vulnerability scoring system score?
0:39
The Common Vulnerability Scoring System, or CVSS, is an open framework for rating the severity of software vulnerabilities on a scale from 0.0 to 10.0. Scores are categorized as none at 0.0, low from 0.1 to 3.9, medium from 4.0 to 6.9, high from 7.0 to 8.9, and critical from 9.0 to 10.0. CVSS considers base metrics like attack vector and complexity, temporal metrics like exploit availability and patch status, and environmental metrics reflecting the specific organization's context. CVSS scores help prioritize remediation efforts, with critical and high vulnerabilities addressed first.
csrc.nist.gov