Cybersecurity

Common Vulnerability Scoring System

Acronym : CVSS

CVSS is a standardized 0-to-10 scale that scores a vulnerability's severity using objective criteria (ease of exploitation, impact on confidentiality, integrity and availability).

Why it matters

With dozens of CVEs published every week, the CVSS score allows patches to be prioritized objectively instead of handled first-come-first-served.

Concrete example

An IT team treats any vulnerability with a CVSS score above 9, considered critical, as top priority.

Related notions

Severity scorePatch prioritizationVulnerability management

Assess your organization's maturity on this topic

Start the diagnostic
Back to glossary