Common vulnerability scoring system (CVSS)

What is Common vulnerability scoring system (CVSS)

A method for measuring the severity of computer security vulnerabilities. CVSS provides a simple way for vendors to rate their products' susceptibility to attack, helping buyers make informed purchasing decisions.

A CVSS score is calculated based on three factors:

  • Base score — indicates how severe the vulnerability is.
  • Vector — value that represents the type of data flow exploited.
  • Impact — indicates the potential damage caused by exploiting the vulnerability.