Common Vulnerability Scoring System
The Evolution of Scoring Security Vulnerabilities: The Sequel
Back in April, I wrote a blog post about the new version of the Common Vulnerability Scoring System (CVSS). The changes made for CVSSv3 addressed some of the challenges that existed in CVSSv2. For example, CVSSv3 analyzes the scope of a vulnerability and identifies the privileges an attacker needs t…
CVSS Version 3 Available For Public Comments
The Common Vulnerability Scoring System (CVSS) Special Interest Group (SIG), in which Cisco is an active participant, acting on behalf of FIRST.org, has published a preview of the upcoming CVSS v3.0 scoring standard. The CVSS v3.0 preview represents a near final version and includes metric and vect…
4