CVSS as a Framework, Not a Score
Vulnerabilities are graded on factors such as how the vulnerable component is exposed, how difficult and reliable an attack could be, and the impact on confidentiality, integrity, and/or availability.
Vulnerabilities are graded on factors such as how the vulnerable component is exposed, how difficult and reliable an attack could be, and the impact on confidentiality, integrity, and/or availability.