CVSS

JSON representation
AttackVector
AttackComplexity
Authentication
PrivilegesRequired
UserInteraction
Scope
Impact

Common Vulnerability Scoring System. This message is compatible with CVSS v2 and v3. For CVSS v2 details, see https://www.first.org/cvss/v2/guide CVSS v2 calculator: https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator For CVSS v3 details, see https://www.first.org/cvss/specification-document CVSS v3 calculator: https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator

JSON representation

JSON representation
{ "baseScore": number, "exploitabilityScore": number, "impactScore": number, "attackVector": enum (`AttackVector`), "attackComplexity": enum (`AttackComplexity`), "authentication": enum (`Authentication`), "privilegesRequired": enum (`PrivilegesRequired`), "userInteraction": enum (`UserInteraction`), "scope": enum (`Scope`), "confidentialityImpact": enum (`Impact`), "integrityImpact": enum (`Impact`), "availabilityImpact": enum (`Impact`) }

{
  "baseScore": number,
  "exploitabilityScore": number,
  "impactScore": number,
  "attackVector": enum (AttackVector),
  "attackComplexity": enum (AttackComplexity),
  "authentication": enum (Authentication),
  "privilegesRequired": enum (PrivilegesRequired),
  "userInteraction": enum (UserInteraction),
  "scope": enum (Scope),
  "confidentialityImpact": enum (Impact),
  "integrityImpact": enum (Impact),
  "availabilityImpact": enum (Impact)
}

Fields
`baseScore`	`number` The base score is a function of the base metric scores.
`exploitabilityScore`	`number`
`impactScore`	`number`
`attackVector`	`enum (AttackVector)` Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2
`attackComplexity`	`enum (AttackComplexity)` Defined in CVSS v3, CVSS v2
`authentication`	`enum (Authentication)` Defined in CVSS v2
`privilegesRequired`	`enum (PrivilegesRequired)` Defined in CVSS v3
`userInteraction`	`enum (UserInteraction)` Defined in CVSS v3
`scope`	`enum (Scope)` Defined in CVSS v3
`confidentialityImpact`	`enum (Impact)` Defined in CVSS v3, CVSS v2
`integrityImpact`	`enum (Impact)` Defined in CVSS v3, CVSS v2
`availabilityImpact`	`enum (Impact)` Defined in CVSS v3, CVSS v2

AttackVector

Enums
`ATTACK_VECTOR_UNSPECIFIED`	Defined in CVSS v3, CVSS v2
`ATTACK_VECTOR_NETWORK`	Defined in CVSS v3, CVSS v2
`ATTACK_VECTOR_ADJACENT`	Defined in CVSS v3, CVSS v2
`ATTACK_VECTOR_LOCAL`	Defined in CVSS v3, CVSS v2
`ATTACK_VECTOR_PHYSICAL`	Defined in CVSS v3

AttackComplexity

Enums
`ATTACK_COMPLEXITY_UNSPECIFIED`	Defined in CVSS v3, CVSS v2
`ATTACK_COMPLEXITY_LOW`	Defined in CVSS v3, CVSS v2
`ATTACK_COMPLEXITY_HIGH`	Defined in CVSS v3, CVSS v2
`ATTACK_COMPLEXITY_MEDIUM`	Defined in CVSS v2

Authentication

Enums
`AUTHENTICATION_UNSPECIFIED`	Defined in CVSS v2
`AUTHENTICATION_MULTIPLE`	Defined in CVSS v2
`AUTHENTICATION_SINGLE`	Defined in CVSS v2
`AUTHENTICATION_NONE`	Defined in CVSS v2

PrivilegesRequired

Enums
`PRIVILEGES_REQUIRED_UNSPECIFIED`	Defined in CVSS v3
`PRIVILEGES_REQUIRED_NONE`	Defined in CVSS v3
`PRIVILEGES_REQUIRED_LOW`	Defined in CVSS v3
`PRIVILEGES_REQUIRED_HIGH`	Defined in CVSS v3

UserInteraction

Enums
`USER_INTERACTION_UNSPECIFIED`	Defined in CVSS v3
`USER_INTERACTION_NONE`	Defined in CVSS v3
`USER_INTERACTION_REQUIRED`	Defined in CVSS v3

Scope

Enums
`SCOPE_UNSPECIFIED`	Defined in CVSS v3
`SCOPE_UNCHANGED`	Defined in CVSS v3
`SCOPE_CHANGED`	Defined in CVSS v3

Impact

Enums
`IMPACT_UNSPECIFIED`	Defined in CVSS v3, CVSS v2
`IMPACT_HIGH`	Defined in CVSS v3
`IMPACT_LOW`	Defined in CVSS v3
`IMPACT_NONE`	Defined in CVSS v3, CVSS v2
`IMPACT_PARTIAL`	Defined in CVSS v2
`IMPACT_COMPLETE`	Defined in CVSS v2