What is the purpose of applying the Common Vulnerability Scoring System (CVSS) to a vulnerability detected by a penetration test?
- to calculate the severity of the vulnerability
- to determine the priority of the vulnerability
- to determine the attack vector that applies to the vulnerability
- to accurately record how the vulnerability was detected
|
Explanation & Hint: The Common Vulnerability Scoring System (CVSS) is a widely adopted standard for calculating the severity of a given vulnerability using three components: base, temporal, and environmental scores.
|