Common Vulnerability Scoring System (CVSS) Explained

The Common Vulnerability Scoring System, or CVSS for short, is the first and only open framework for scoring the risk associated with vulnerabilities. CVSS is designed to rank information system vulnerabilities and provide an end user with a composite score representing the overall severity and risk the vulnerability presents. CVSS was created by The National Infrastructure Advisory Council (NIAC). Over the years it has become a very widely adopted scoring system and is used by such heavy hitters as the Department of Homeland Security, CERT, Cisco, Union Pacific, and Symantec to name but a few. CVSS is currently maintained by the Forum of Incident Response and Security Teams (FIRST),, and was a combined effort involving many companies, including:

Cisco Systems
Internet Security Systems



Comments (1)

  1. nedvizhimost sdayu tomsk says:

    nedvizhimost sdayu tomsk nedvizhimost sdayu tomsk <a href="">nedvizhimost sdayu tomsk</a> nedvizhimost sdayu tomsk nedvizhimost sdayu tomsk nedvizhimost sdayu tomsk

Skip to main content