Class Severity (0.1.16)

Severity(value)

The severity of the finding.

    For threats: Indicates a threat that is able to
    access, modify, or delete data or execute
    unauthorized code within existing resources.
HIGH (2):
    For vulnerabilities: A high-risk
    vulnerability can be easily discovered and
    exploited in combination with other
    vulnerabilities in order to gain direct access
    and the ability to execute arbitrary code,
    exfiltrate data, and otherwise gain additional
    access and privileges to cloud resources and
    workloads. An example is a database with weak or
    no passwords that is only accessible internally.
    This database could easily be compromised by an
    actor that had access to the internal network.

    For threats: Indicates a threat that is able to
    create new computational resources in an
    environment but not able to access data or
    execute code in existing resources.
MEDIUM (3):
    For vulnerabilities: A medium-risk
    vulnerability could be used by an actor to gain
    access to resources or privileges that enable
    them to eventually (through multiple steps or a
    complex exploit) gain access and the ability to
    execute arbitrary code or exfiltrate data. An
    example is a service account with access to more
    projects than it should have. If an actor gains
    access to the service account, they could
    potentially use that access to manipulate a
    project the service account was not intended to.

    For threats: Indicates a threat that is able to
    cause operational impact but may not access data
    or execute unauthorized code.
LOW (4):
    For vulnerabilities: A low-risk vulnerability
    hampers a security organization's ability to
    detect vulnerabilities or active threats in
    their deployment, or prevents the root cause
    investigation of security issues. An example is
    monitoring and logs being disabled for resource
    configurations and access.

    For threats: Indicates a threat that has
    obtained minimal access to an environment but is
    not able to access data, execute code, or create
    resources.

Enums

Name Description
SEVERITY_UNSPECIFIED Default value. This value is unused.
CRITICAL For vulnerabilities: A critical vulnerability is easily discoverable by an external actor, exploitable, and results in the direct ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads. Examples include publicly accessible unprotected user data and public SSH access with weak or no passwords.