Vulnerability Response

Vulnerability Reports

This document usually contains the following information:

  • Vulnerability Type
  • Severity
  • System
  • Explanation
  • Walkthrough
  • Recommendation

Using a Standard template

Vulnerability Severity

common Vulnerability Scoring System Verison 3.1 Calculator

Calculation

  • CSVV Score Sheet | google sheet
  • if scope is unchaged: Base Score = Roundup ((6.42 × (1 - ((1 - Confidentiality) × (1 - Integrity) × (1 - Availability))) + (8.22 × AttackVector × AttackComplexity × PrivilegesRequired × UserInteraction)))
  • if scope is changed: Base Score = Roundup (1.08 × ((7.52 × (1 - ((1 - Confidentiality) × (1 - Integrity) × (1 - Availability)) - 0.029) - 3.25 × (1 - ((1 - Confidentiality) × (1 - Integrity) × (1 - Availability)) - 0.02)15)+ (8.22 × AttackVector × AttackComplexity × PrivilegesRequired × UserInteraction)))


comments powered by Disqus