- JSON representation
- AttackVector
- AttackComplexity
- Authentication
- PrivilegesRequired
- UserInteraction
- Scope
- Impact
Common Vulnerability Scoring System. For details, see https://www.first.org/cvss/specification-document This is a message we will try to use for storing various versions of CVSS rather than making a separate proto for storing a specific version.
JSON representation |
---|
{ "baseScore": number, "exploitabilityScore": number, "impactScore": number, "attackVector": enum ( |
Fields | |
---|---|
baseScore |
The base score is a function of the base metric scores. |
exploitabilityScore |
|
impactScore |
|
attackVector |
Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. |
attackComplexity |
|
authentication |
|
privilegesRequired |
|
userInteraction |
|
scope |
|
confidentialityImpact |
|
integrityImpact |
|
availabilityImpact |
|
AttackVector
Enums | |
---|---|
ATTACK_VECTOR_UNSPECIFIED |
|
ATTACK_VECTOR_NETWORK |
|
ATTACK_VECTOR_ADJACENT |
|
ATTACK_VECTOR_LOCAL |
|
ATTACK_VECTOR_PHYSICAL |
AttackComplexity
Enums | |
---|---|
ATTACK_COMPLEXITY_UNSPECIFIED |
|
ATTACK_COMPLEXITY_LOW |
|
ATTACK_COMPLEXITY_HIGH |
|
ATTACK_COMPLEXITY_MEDIUM |
Authentication
Enums | |
---|---|
AUTHENTICATION_UNSPECIFIED |
|
AUTHENTICATION_MULTIPLE |
|
AUTHENTICATION_SINGLE |
|
AUTHENTICATION_NONE |
PrivilegesRequired
Enums | |
---|---|
PRIVILEGES_REQUIRED_UNSPECIFIED |
|
PRIVILEGES_REQUIRED_NONE |
|
PRIVILEGES_REQUIRED_LOW |
|
PRIVILEGES_REQUIRED_HIGH |
UserInteraction
Enums | |
---|---|
USER_INTERACTION_UNSPECIFIED |
|
USER_INTERACTION_NONE |
|
USER_INTERACTION_REQUIRED |
Scope
Enums | |
---|---|
SCOPE_UNSPECIFIED |
|
SCOPE_UNCHANGED |
|
SCOPE_CHANGED |
Impact
Enums | |
---|---|
IMPACT_UNSPECIFIED |
|
IMPACT_HIGH |
|
IMPACT_LOW |
|
IMPACT_NONE |
|
IMPACT_PARTIAL |
|
IMPACT_COMPLETE |