-
Notifications
You must be signed in to change notification settings - Fork 1
CVSS
FeIix edited this page May 8, 2026
·
3 revisions
| Code | Metric Value | Description | OSI model | Examples |
|---|---|---|---|---|
| AV:N | Network | Remote via layer3 | Layer 3 | |
| AV:A | Adjacent Network | Shared physical/logical network | Layer2 | Bluetooth or same VLAN |
| AV:L | Locally via read/write/execute permissions | None-related to network | local user account | |
| AV:P | In-person touch | None-related to network | Attach an peripheral USB |
| Code | Metric Value | Description |
|---|---|---|
| AC:L | Low | No or non-special conditions required for a successful exploit. |
| AC:H | High | A successful exploit depends on special conditions and requires attackers' invest effect in preparation and execution. |
| Code | Metric Value | Description |
|---|---|---|
| PR:N | None | |
| PR:L | Low | Standard user |
| PR:H | High | Privilege user |
| Code | Metric Value | Description |
|---|---|---|
| UI:N | None | No interaction |
| UI:R | Require | Actions from a user |
| Code | Metric Value | Description | Examples |
|---|---|---|---|
| S:U | Unchanged | Vulnerable component and impact component are the same | Control local host via a OS vulnerability. |
| S:C | Changed | Vulnerable component and impact component are different | Control the local host via an Apache vulnerability. |
| Code | Metric Value | Description |
|---|---|---|
| C:N | None | |
| C:L | Low | Some loss |
| C:H | High | Total loss |
| Code | Metric Value | Description |
|---|---|---|
| I:N | None | |
| I:L | Low | Modification of data is possible. |
| I:H | High | Attacker can modify all data; direct and serious damage. |
| Code | Metric Value | Description |
|---|---|---|
| I:N | None | |
| I:L | Low | Reduced performance; Can't completely deny service all the time. |
| I:H | High | Service completely unavailable all the time; direct and serious damage. |