CVSS (Common Vulnerability Scoring System)

DEFINITION: CVSS (Common Vulnerability Scoring System)

CVSS is a standardized vulnerability scoring system established by FIRST (Forum of Incident Response and Security Teams).

The calculated score, which is between 0 and 10, reflects the severity of the vulnerability. The higher the score, the more critical it is (low, medium, high or critical level). It is evaluated according to 3 metric groups:

a baseline score, which assesses a problem (theoretical impact of the vulnerability)

a temporal score, representing the characteristics of a vulnerability that can evolve according to exploits present in nature, patches…

an environmental score, which takes into account the environment and the consequences of exploiting this vulnerability. It will evolve according to existing patches, mitigating measures, etc.

To explore the subject

These other words will help your cyber understanding.

Honeypots

Honeypots are fake resources that can be used to delude attackers. As an example,...

Social Engineering

Social engineering is aimed at obtaining information by taking advantage of someone’s trust, ignorance...

Cyber or not cyber ?

Une fois par mois, soyez au courant de l’actualité cyber en vous abonnant à la newsletter TEHTRIS.