Common Vulnerability Scoring System

October 31, 2016

SECURITY

The Evolution of Scoring Security Vulnerabilities: The Sequel

Back in April, I wrote a blog post about the new version of the Common Vulnerability Scoring System (CVSS). The changes made for CVSSv3 addressed some of the challenges that existed in CVSSv2. For example, CVSSv3 analyzes the scope of a vulnerability and identifies the privileges an attacker needs to exploit it. The CVSSv3 enhancements […]

January 8, 2015

SECURITY

CVSS Version 3 Available For Public Comments

The Common Vulnerability Scoring System (CVSS) Special Interest Group (SIG), in which Cisco is an active participant, acting on behalf of FIRST.org, has published a preview of the upcoming CVSS v3.0 scoring standard.  The CVSS v3.0 preview represents a near final version and includes metric and vector strings, formulas, scoring examples and a v3.0 calculator […]