top of page

CVSS Score Calculator

Last night’s tip concerned NIST’s CVSS system for evaluating the severity of security breaches. NIST has an online calculator that you can use to generate a score based on each of the metrics discussed last night. See: https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator . In this example, we see how the highest CVSS score resutls in the worst case scenario for each of the metrics:



An additional temporal score (which uses the base score as an input) is based on whether or not a functional code has been developed for an exploit and has been distributed; whether or not a patch has been developed to remediate the attack; and whether or not the cause of the attack is known.





bottom of page