Questions tagged [cvss]

use `cvss` if your question is related to Common Vulnerability Scoring System

The Common Vulnerability Scoring System (CVSS) is an open framework for communicating the characteristics and severity of software vulnerabilities. CVSS consists of three metric groups: Base, Temporal, and Environmental. The Base group represents the intrinsic qualities of a vulnerability that are constant over time and across user environments, the Temporal group reflects the characteristics of a vulnerability that change over time, and the Environmental group represents the characteristics of a vulnerability that are unique to a user's environment.

59 questions

votes

1 answer

CVSS scores and sub-scores

What is the difference between the exploitability score and the exploitability sub-score? And the difference between the impact score and the impact sub-score? What are the relationships between the respective scores and sub-scores?

cvss

asked Apr 06 '22 at 05:27

Derek Huang

votes

0 answers

Local attack vector and other metrics

While calculating the CVSS score using CVSS3.1, attack vectors are classified into four. Network - Remote attack Adjacent - Should share the same Physical or Logical network of victim Physical - Physical access to device or component Based on the…

asked Dec 13 '21 at 15:20

Joel Deleep

votes

1 answer

CVSS 3.1 -- does a scope change imply at the very least a low confidentiality impact?

So I'm looking at scoring a vulnerability, and I'm waffling on how to handle Scope and Confidentiality impact. If scope is changed, isn't confidentiality-impact necessarily changed to at least Low? If I can get into a scope I shouldn't have access…

cvss

asked Mar 17 '21 at 21:42

Sidney

votes

0 answers

Impact of user account deletion on Availability in CVSS v3.1?

First, some excerpts from the CVSS official docs. According to CVSS 3.1 Specification: While the Confidentiality and Integrity impact metrics apply to the loss of confidentiality or integrity of data (e.g., information, files) used by the impacted…

cvss

asked Nov 10 '20 at 13:27

drox

votes

1 answer

Cacheable HTTPS Response CVSS

https://portswigger.net/kb/issues/00700100_cacheable-https-response Applications should return caching directives instructing browsers not to store local copies of any sensitive data Which CVSS vector I should assign to a web application which use…

caching cvss

asked Sep 25 '20 at 09:45

Maicake

votes

1 answer

What is the difference between "local" and "Adjacent" threat agents?

I am using CVSS to do the vulnerability assessment for my project. As per documentation here is the definition of local and adjacent Adjacent (A) The vulnerable component is bound to the network stack, but the attack is limited at the protocol…

threat-mitigation threat-modeling threats cvss

asked Sep 01 '20 at 14:29

kudlatiger

votes

1 answer

Client-side password strength policy verification. CVSS3.1? OWASP WSTG?

Using the OWASP testing guide, if password strength policy verification is implemented only client-side, can that be considered a vulnerability? In which category? Also which CVSS it should have?

passwords owasp cvss

asked Aug 16 '20 at 07:12

Maicake

votes

1 answer

CVSSv2 score of 10, but no CVSv3 score

We are working on our Vulnerability Management process and as part of that, I was going through the reports from our infrastructure vulnerability scanner. In the reports, I noticed that some of the CVEs does not have a CVSSv3 score, but they have a…

cvss

asked Aug 13 '20 at 07:25

Sreeraj

1,297
1
13
21

votes

2 answers

Deciding CVSS v3.1 scope parameter for a XXE vulnerability

I have a web application which is vulnerable to XXE attack. The impact of this vulnerability is, it can do a port scan by sending a malicious XML that does a request to a specific host+port in the server instance/network. When calculating the CVSS…

cvss xxe

asked Apr 22 '20 at 15:35

NShani

votes

1 answer

How to rate CVSS when PR is low but UI of admin user is required

I have a situation where an attacker with low privileges can perform an attack. However, in order to complete the attack, the system has to be restarted, which can only be done by the admin account. In this case , the UI is required. But I am…

cvss

asked Jul 12 '19 at 03:16

DentistOfDetroit

votes

2 answers

Is there a CVE or CVSS for enumeration of ports?

Lets say that there is a company which does not have a firewall and it is possible to perform an enumeration of ports and services. Could it be considered a vulnerability if it provides fingerprinting information? Or is it only considered a…

cve risk-analysis cvss

asked Mar 28 '18 at 08:31

Cod1ngFree

votes

1 answer

Public vulnerability feed with CVSS v3

NIST NVD publishes XML feeds of CVEs but, as far as I'm concerned, only with CVSS v2 vectors. CVSS v3 results are available on web portal. Is there available any up to date, processing friendly, raw data of CVEs with CVSS v3 base metrics?…

cve nist cvss

asked Apr 19 '17 at 11:07

Dave Yarsky

votes

1 answer

What is the proper way to understand Access Complexity in CVSS

I have read Access Complexity from NVD(https://nvd.nist.gov/CVSS/v2-calculator), [Access Complexity] This metric measures the complexity of the attack required to exploit the vulnerability once an attacker has gained access to the target …

vulnerability cvss

asked Mar 23 '16 at 16:12

Matt Elson

-1

votes

1 answer

Please elaborate scope , vulnerable component , impact component in CVSS v3

I'm interested in CVSS v3 but I don't have enough knowledge about security or vulnerabilities. I read the CVSS v3 user guide but I'm so confused and do not understand what they mean by: scope vulnerable component impact component Please help.

vulnerability cvss

asked Oct 06 '16 at 13:22

item

Prev 1 2 3