From the course: CompTIA Security+ (SY0-601) Cert Prep: 1 Threats, Attacks, and Vulnerabilities

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

CVSS (Common Vulnerability Scoring System)

CVSS (Common Vulnerability Scoring System)

From the course: CompTIA Security+ (SY0-601) Cert Prep: 1 Threats, Attacks, and Vulnerabilities

Start my 1-month free trial

CVSS (Common Vulnerability Scoring System)

- [Instructor] Let's dig into the Common Vulnerability Scoring System or CVSS because you'll see that used on scan reports. CVSS assigns a score to each vulnerability on a 10-point scale. We can figure out a base CVSS score by evaluating eight different metrics and then combining the results. The first metric is the Attach Vector metric. The describes the type of access that an attacker must have to exploit a vulnerability. The value for this metric can be physical, meaning that the attacker must be able to physically touch or manipulate the target system. It can be local, meaning the attacker must have physical or logical access to the system's console. Or it can be adjacent network, meaning that the attacker must have access to the system's local network. Or it can just be network, meaning that the vulnerability is remotely exploitable. The second metric is the Attack Complexity metric. This metric measures how…

Contents