What is CVSS?

Vulnerabilities

Open Industry Standard

O to 10 [{ "selector": ".ilegz-a", "duration": "500ms", "fill": "forwards", "delay": "0ms", "keyframes": [ {"offset": 0, "opacity": 0}, {"offset": 1, "opacity": "1"} ] }, { "selector": ".abkbc-a", "duration": "500ms", "fill": "forwards", "delay": "500ms", "keyframes": [ {"offset": 0, "opacity": 0}, {"offset": 1, "opacity": "1"} ] }]

How this started?

[{ "selector": ".rpmxs-a", "duration": "500ms", "fill": "forwards", "delay": "0ms", "keyframes": [ {"offset": 0, "opacity": 0}, {"offset": 1, "opacity": "1"} ] }]

National Infrastructure Advisory Council

[{ "selector": ".maalp-a", "duration": "500ms", "fill": "forwards", "delay": "0ms", "keyframes": [ {"offset": 0, "opacity": 0}, {"offset": 1, "opacity": "1"} ] }, { "selector": ".ndbjr-a", "duration": "500ms", "fill": "forwards", "delay": "500ms", "keyframes": [ {"offset": 0, "opacity": 0}, {"offset": 1, "opacity": "1"} ] }]

National Infrastructure Advisory Council

[{ "selector": ".mtjqg-a", "duration": "500ms", "fill": "forwards", "delay": "0ms", "keyframes": [ {"offset": 0, "opacity": 0}, {"offset": 1, "opacity": "1"} ] }, { "selector": ".ubxwb-a", "duration": "500ms", "fill": "forwards", "delay": "500ms", "keyframes": [ {"offset": 0, "opacity": 0}, {"offset": 1, "opacity": "1"} ] }]

National Infrastructure Advisory Council

[{ "selector": ".ngfgg-a", "duration": "500ms", "fill": "forwards", "delay": "0ms", "keyframes": [ {"offset": 0, "opacity": 0}, {"offset": 1, "opacity": "1"} ] }, { "selector": ".lekqm-a", "duration": "500ms", "fill": "forwards", "delay": "500ms", "keyframes": [ {"offset": 0, "opacity": 0}, {"offset": 1, "opacity": "1"} ] }]

National Infrastructure Advisory Council

[{ "selector": ".kmtwl-a", "duration": "500ms", "fill": "forwards", "delay": "0ms", "keyframes": [ {"offset": 0, "opacity": 0}, {"offset": 1, "opacity": "1"} ] }, { "selector": ".urezx-a", "duration": "500ms", "fill": "forwards", "delay": "500ms", "keyframes": [ {"offset": 0, "opacity": 0}, {"offset": 1, "opacity": "1"} ] }]

National Infrastructure Advisory Council

[{ "selector": ".wxjtr-a", "duration": "500ms", "fill": "forwards", "delay": "0ms", "keyframes": [ {"offset": 0, "opacity": 0}, {"offset": 1, "opacity": "1"} ] }, { "selector": ".kwdtn-a", "duration": "500ms", "fill": "forwards", "delay": "500ms", "keyframes": [ {"offset": 0, "opacity": 0}, {"offset": 1, "opacity": "1"} ] }]

Vulnerabilities

Common Vulnerability Scoring System

Open Industry Standard

assess and defined the severity of computer system vulnerability

Score can range
from

How this started?

National Infrastructure Advisory Council (NIAC) launch the CVSS version 1 in Feb 2005

NIAC goal was to define open and universally standard ratings of software vulnerabilities

National Infrastructure Advisory Council

NIAC Role

April 2005 -
NIAC established a Forum of Incident Response and Security Teams (FIRST) and became custodian of CVSS for future development

National Infrastructure Advisory Council

CVSS Journey

April 2005 - CVSS V1 launched
June 2007 - CVSS V2 launched
June 2015 - CVSS V3 launched

National Infrastructure Advisory Council

CVSS Latest

June 2019 -
Minor update CVSS v3.1 was launched with new standard CVSS Extension Framework was defined.

National Infrastructure Advisory Council

CVSS Adaption

CVSS is adopted as the primary method for measure the severity of vulnerability by most organizations and companies across the Globe

National Infrastructure Advisory Council

Vulnerabilities

Vulnerabilities then and Now

Vulnerabilities

Common Vulnerability Scoring System

Open Industry Standard

assess and defined the severity of computer system vulnerability

Score can range from

How this started?

National Infrastructure Advisory Council (NIAC) launch the CVSS version 1 in Feb 2005

NIAC goal was to define open and universally standard ratings of software vulnerabilities

National Infrastructure Advisory Council

NIAC Role

April 2005 - NIAC established a Forum of Incident Response and Security Teams (FIRST) and became custodian of CVSS for future development

National Infrastructure Advisory Council

CVSS Journey

April 2005 - CVSS V1 launchedJune 2007 - CVSS V2 launchedJune 2015 - CVSS V3 launched

National Infrastructure Advisory Council

CVSS Latest

June 2019 - Minor update CVSS v3.1 was launched with new standard CVSS Extension Framework was defined.

National Infrastructure Advisory Council

CVSS Adaption

CVSS is adopted as the primary method for measure the severity of vulnerability by most organizations and companies across the Globe

National Infrastructure Advisory Council

Vulnerabilities

Vulnerabilities then and Now

Score can range
from

April 2005 -
NIAC established a Forum of Incident Response and Security Teams (FIRST) and became custodian of CVSS for future development

April 2005 - CVSS V1 launched
June 2007 - CVSS V2 launched
June 2015 - CVSS V3 launched

June 2019 -
Minor update CVSS v3.1 was launched with new standard CVSS Extension Framework was defined.