Prioritising Security Vulnerabilities with CVSS 3.1 [An Overview]

Written by ax | Published 2020/04/18
Tech Story Tags: cve | vulnerability-management | information-security | enterprise-technology | cybersecurity | analysis | project-management | latest-tech-stories | web-monetization

TLDR Common Vulnerability Scoring System (CVSS) was devised in 2004 by the National Infrastructure Advisory Council (NIAC) The CVSS score is a way to assess the severity of a vulnerability. It consists of a base score assigned to a vulnerability, followed by the temporal and environmental scores. CVSS 3.1 standard, maintained by FIRST (Forum of Incident Response and Security Teams) explicitly clarifies “CVSS measures severity, not risk” The new version also accounts for concepts such as “vulnerability chaining”via the TL;DR App

no story

Written by ax | Security Researcher, Engineer, Tech Columnist | https://hey.ax/
Published by HackerNoon on 2020/04/18