Class PrivilegesRequired (1.18.1)

PrivilegesRequired(value)

This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.

Enums

Name Description
PRIVILEGES_REQUIRED_UNSPECIFIED Invalid value.
PRIVILEGES_REQUIRED_NONE The attacker is unauthorized prior to attack, and therefore does not require any access to settings or files of the vulnerable system to carry out an attack.
PRIVILEGES_REQUIRED_LOW The attacker requires privileges that provide basic user capabilities that could normally affect only settings and files owned by a user. Alternatively, an attacker with Low privileges has the ability to access only non-sensitive resources.
PRIVILEGES_REQUIRED_HIGH The attacker requires privileges that provide significant (e.g., administrative) control over the vulnerable component allowing access to component-wide settings and files.