Skip to content

Glossary definition: Common Vulnerability Scoring System (CVSS)

CVSS: Understand Your System's Security Risk

The Common Vulnerability Scoring System (CVSS) is a standard for measuring and rating the severity of computer system security vulnerabilities. It is a numerical score ranging from 0 to 10, with 10 being the most severe. CVSS is used to compare the severity of different vulnerabilities and prioritize remediation efforts. It considers factors such as the complexity of the attack, the type of attack, the impact of the attack, the privileges needed to exploit the vulnerability, and the availability of the exploit. CVSS is designed to be vendor-neutral, so it can be used to evaluate vulnerabilities in any type of system or application. The CVSS score provides a consistent way to communicate the severity of a vulnerability, making it easier to compare and prioritize different vulnerabilities.