CVSS (Common Vulnerability Scoring System)

DEFINITION: CVSS (Common Vulnerability Scoring System)

CVSS is a standardized vulnerability scoring system established by FIRST (Forum of Incident Response and Security Teams).

The calculated score, which is between 0 and 10, reflects the severity of the vulnerability. The higher the score, the more critical it is (low, medium, high or critical level). It is evaluated according to 3 metric groups:

a baseline score, which assesses a problem (theoretical impact of the vulnerability)

a temporal score, representing the characteristics of a vulnerability that can evolve according to exploits present in nature, patches…

an environmental score, which takes into account the environment and the consequences of exploiting this vulnerability. It will evolve according to existing patches, mitigating measures, etc.

To explore the subject

These other words will help your cyber understanding.


Forensic data analysis consists in investigating an information system after a cyberattack. Analysts will...


Phishing is a scamming technique used by hackers to obtain personal or professional information...

Cyber or not cyber ?

Once a month, receive the essential news and cyber watch by subscribing to the TEHTRIS newsletter.