Class AttackVector (1.15.3)

AttackVector(value)

This metric reflects the context by which vulnerability exploitation is possible.

Values: ATTACK_VECTOR_UNSPECIFIED (0): Invalid value. ATTACK_VECTOR_NETWORK (1): The vulnerable component is bound to the network stack and the set of possible attackers extends beyond the other options listed below, up to and including the entire Internet. ATTACK_VECTOR_ADJACENT (2): The vulnerable component is bound to the network stack, but the attack is limited at the protocol level to a logically adjacent topology. ATTACK_VECTOR_LOCAL (3): The vulnerable component is not bound to the network stack and the attacker's path is via read/write/execute capabilities. ATTACK_VECTOR_PHYSICAL (4): The attack requires the attacker to physically touch or manipulate the vulnerable component.