CVSS

JSON representation
AttackVector
AttackComplexity
Authentication
PrivilegesRequired
UserInteraction
Scope
Impact

Common Vulnerability Scoring System. For details, see https://www.first.org/cvss/specification-document This is a message we will try to use for storing various versions of CVSS rather than making a separate proto for storing a specific version.

JSON representation

JSON representation
{ "baseScore": number, "exploitabilityScore": number, "impactScore": number, "attackVector": enum (`AttackVector`), "attackComplexity": enum (`AttackComplexity`), "authentication": enum (`Authentication`), "privilegesRequired": enum (`PrivilegesRequired`), "userInteraction": enum (`UserInteraction`), "scope": enum (`Scope`), "confidentialityImpact": enum (`Impact`), "integrityImpact": enum (`Impact`), "availabilityImpact": enum (`Impact`) }

{
  "baseScore": number,
  "exploitabilityScore": number,
  "impactScore": number,
  "attackVector": enum (AttackVector),
  "attackComplexity": enum (AttackComplexity),
  "authentication": enum (Authentication),
  "privilegesRequired": enum (PrivilegesRequired),
  "userInteraction": enum (UserInteraction),
  "scope": enum (Scope),
  "confidentialityImpact": enum (Impact),
  "integrityImpact": enum (Impact),
  "availabilityImpact": enum (Impact)
}

Fields
`baseScore`	`number` The base score is a function of the base metric scores.
`exploitabilityScore`	`number`
`impactScore`	`number`
`attackVector`	`enum (AttackVector)` Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
`attackComplexity`	`enum (AttackComplexity)`
`authentication`	`enum (Authentication)`
`privilegesRequired`	`enum (PrivilegesRequired)`
`userInteraction`	`enum (UserInteraction)`
`scope`	`enum (Scope)`
`confidentialityImpact`	`enum (Impact)`
`integrityImpact`	`enum (Impact)`
`availabilityImpact`	`enum (Impact)`

AttackVector

Enums
`ATTACK_VECTOR_UNSPECIFIED`
`ATTACK_VECTOR_NETWORK`
`ATTACK_VECTOR_ADJACENT`
`ATTACK_VECTOR_LOCAL`
`ATTACK_VECTOR_PHYSICAL`

AttackComplexity

Enums
`ATTACK_COMPLEXITY_UNSPECIFIED`
`ATTACK_COMPLEXITY_LOW`
`ATTACK_COMPLEXITY_HIGH`
`ATTACK_COMPLEXITY_MEDIUM`

Authentication

Enums
`AUTHENTICATION_UNSPECIFIED`
`AUTHENTICATION_MULTIPLE`
`AUTHENTICATION_SINGLE`
`AUTHENTICATION_NONE`

PrivilegesRequired

Enums
`PRIVILEGES_REQUIRED_UNSPECIFIED`
`PRIVILEGES_REQUIRED_NONE`
`PRIVILEGES_REQUIRED_LOW`
`PRIVILEGES_REQUIRED_HIGH`

UserInteraction

Enums
`USER_INTERACTION_UNSPECIFIED`
`USER_INTERACTION_NONE`
`USER_INTERACTION_REQUIRED`

Scope

Enums
`SCOPE_UNSPECIFIED`
`SCOPE_UNCHANGED`
`SCOPE_CHANGED`

Impact

Enums
`IMPACT_UNSPECIFIED`
`IMPACT_HIGH`
`IMPACT_LOW`
`IMPACT_NONE`
`IMPACT_PARTIAL`
`IMPACT_COMPLETE`