Understanding CVSS

0.0(0)
studied byStudied by 0 people
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/7

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

8 Terms

1
New cards

The attack vector metric (AV)

describes how an attacker would exploit the vulnerability

2
New cards

The attack complexity metric (AC)

describes the difficulty of exploiting the vulnerability

3
New cards

The privileges required metric (PR)

describes the type of account access that an attacker would need to exploit a vulnerability

4
New cards

The user interaction metric (UI)

describes whether the attacker needs to involve another human in the attack

5
New cards

The confidentiality metric (C)

describes the type of information disclosure that might occur if an attacker successfully exploits the vulnerability

6
New cards

The integrity metric (I)

describes the type of information alteration that might occur if an attacker successfully exploits the vulnerability

7
New cards

The availability metric (A)

describes the type of disruption that might occur if an attacker successfully exploits the vulnerability

8
New cards

The scope metric (S)

describes whether the vulnerability can affect system components beyond the scope of the vulnerability. Not that the scope metric table does not contain score information. The value of the scope metric is reflected in the values for the privileges required metric