In the Common Vulnerability Scoring System (CVSS) v3.1 severity ratings, what range does medium vulnerability fall in?
In the Common Vulnerability Scoring System (CVSS) v3.1 severity ratings, what range does medium vulnerability fall in?
The Common Vulnerability Scoring System (CVSS) v3.1 severity ratings classify vulnerabilities into different severity levels based on their assigned scores. The range for medium severity vulnerabilities is 4.0 to 6.9.
CVSS v3.0 Ratings Low 0.1-3.9 Medium 4.0-6.9 High 7.0-8.9 Critical 9.0-10.0 https://nvd.nist.gov/vuln-metrics/cvss
Low 0.1 - 3.9 Medium 4.0 - 6.9 High 7.0 - 8.9 Critical 9.0 - 10.0
Yes. The correct answer is D. https://www.first.org/cvss/v3.1/specification-document Table 14: Qualitative severity rating scale
Correct answer is D. Ignore the other response where I said it was C.
Medium 4.0-6.9
C. 3.0-6.9 Explanation: The Common Vulnerability Scoring System (CVSS) is a framework used to assess the severity of software vulnerabilities. CVSS assigns a score to each vulnerability based on its potential impact on the confidentiality, integrity, and availability of a system, as well as its complexity and the level of user interaction required to exploit the vulnerability.
This answer is incorrect. Correct answer is D.
Medium 4.0-6.9
Low 0.1 - 3.9 Medium 4.0 - 6.9 High 7.0 - 8.9 Critical 9.0 - 10.0