all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Inconsistencies in the Common Vulnerability Scoring System (CVSS)

Add to bookmarks
Sept. 5, 2023, 11:03 a.m. | Bruce Schneier

Schneier on Security www.schneier.com

Interesting research:


Shedding Light on CVSS Scoring Inconsistencies: A User-Centric Study on Evaluating Widespread Security Vulnerabilities


Abstract: The Common Vulnerability Scoring System (CVSS) is a popular method for evaluating the severity of vulnerabilities in vulnerability management. In the evaluation process, a numeric score between 0 and 10 is calculated, 10 being the most severe (critical) value. The goal of CVSS is to provide comparable scores across different evaluators. However, previous works indicate that CVSS might not reach this goal: …

academic papers common vulnerability scoring system cvss evaluation management popular process research score scoring security severity study system vulnerabilities vulnerability vulnerability management

Visit resource

More from www.schneier.com / Schneier on Security

Friday Squid Blogging: Baby Colossal Squid 1 day, 8 hours ago | www.schneier.com
baby blog blogging can +7
How AI Will Change Democracy 1 day, 18 hours ago | www.schneier.com
artificial artificial intelligence aspect change +13
Supply Chain Attack against Courtroom Software 2 days, 18 hours ago | www.schneier.com
application attack backdoor backdoors +20
Privacy Implications of Tracking Wireless Access Points 3 days, 18 hours ago | www.schneier.com
academic papers access access points address +26
Lattice-Based Cryptosystems and Quantum Cryptanalysis 4 days, 18 hours ago | www.schneier.com
algorithms coming competition computers +19
Friday Squid Blogging: Dana Squid Attacking Camera 1 week, 1 day ago | www.schneier.com
blog blogging camera can +9
On the Zero-Day Market 1 week, 1 day ago | www.schneier.com
academic papers adversaries cyberespionage global +8
Personal AI Assistants and Privacy 1 week, 2 days ago | www.schneier.com
ai assistants ai-powered artificial intelligence assistant +22
Unredacting Pixelated Text 1 week, 3 days ago | www.schneier.com
redaction steganography text

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com