Values for $n$ greater than 2 create very significant gaps between CVSS scores in the high and critical range. #3
Comments
We believe that our latest version of the formula resolves this problem by forcing We also suggested that users decrease
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
richinseattle notified me of an interesting issue in our formula when supplying it with values greater than 2 for
n
.Steps To Reproduce
Set
n
to a value greater than 2. I am usingn = 6
below.Result
There is a very large gap between the bounty amount for a CVSS score of 9.0 versus a score of 10.0 — namely $5314 for 9.0 and $10'000 for 10.0.
Potential Solutions
The following are some potential solutions that may even be combined to resolve this problem and other problem for
n
in the future.n
on a large data set. This would allow us to create "realistic" values forn
for the three categories mentioned in the write-up. [3]The text was updated successfully, but these errors were encountered: