From the course: Vulnerability Management: Assessing the Risks with CVSS v3.1
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
How exploit code maturity affects risk
From the course: Vulnerability Management: Assessing the Risks with CVSS v3.1
How exploit code maturity affects risk
- [Instructor] The Temporal metrics group addresses things about a vulnerability that change over time. Exploit Code Maturity represented as E in the vector string, addresses the likelihood of a vulnerability being attacked, and that attack being successful. When vulnerabilities are first discovered or disclosed, there may not be an exploit, developing exploits takes time. And typically, a new vulnerability doesn't have one but given enough time, a really sophisticated and easy to use exploit kit may become available. Sometimes the people that use those types of exploits are referred to as Script kiddies. It's a bit of a pejorative term, implying that these types of attacks are so easy a child or kid can do them. Exploit Code Maturity has five possible values that reflect a large range of exploitability. These values are designed to quantify the real road risk of a vulnerability being exploited in the wild. If a…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.