CVSS3.0打分学习
打分计算器:
Common Vulnerability Scoring System Version 3.0 Calculator: https://www.first.org/cvss/calculator/3.0
打分导图:
Scoring Rubric
The scoring rubric provides a quick reference to scoring vulnerabilities in v3.0. It is meant to supplement existing scoring discussion found in the Specification Document.
5. Scope
Note, if Scope change has not occurred, Confidentiality, Integrity and Availability impacts reflect consequence to the vulnerable component, otherwise they reflect consequence to the component that suffers the greater impact.