all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Inconsistencies in the Common Vulnerability Scoring System (CVSS)

Add to bookmarks
Sept. 5, 2023, 11:03 a.m. | Bruce Schneier

Schneier on Security www.schneier.com

Interesting research:


Shedding Light on CVSS Scoring Inconsistencies: A User-Centric Study on Evaluating Widespread Security Vulnerabilities


Abstract: The Common Vulnerability Scoring System (CVSS) is a popular method for evaluating the severity of vulnerabilities in vulnerability management. In the evaluation process, a numeric score between 0 and 10 is calculated, 10 being the most severe (critical) value. The goal of CVSS is to provide comparable scores across different evaluators. However, previous works indicate that CVSS might not reach this goal: …

academic papers common vulnerability scoring system cvss evaluation management popular process research score scoring security severity study system vulnerabilities vulnerability vulnerability management

Visit resource

More from www.schneier.com / Schneier on Security

My TED Talks an hour ago | www.schneier.com
conferences controls data internet +9
Rare Interviews with Enigma Cryptanalyst Marian Rejewski 8 hours ago | www.schneier.com
crack cryptanalysis enigma history of cryptography +5
The UK Bans Default Passwords 1 day, 9 hours ago | www.schneier.com
act and telecommunications ban bans +19
AI Voice Scam 2 days, 8 hours ago | www.schneier.com
artificial intelligence bbc money scam +4
WhatsApp in India 3 days, 9 hours ago | www.schneier.com
courts encryption end end-to-end +5
Whale Song Code 4 days, 9 hours ago | www.schneier.com
basic broadcast code cold +18
Friday Squid Blogging: Searching for the Colossal Squid 6 days, 23 hours ago | www.schneier.com
blog blogging can cruise +7
Long Article on GM Spying on Its Cars’ Drivers 1 week ago | www.schneier.com
article cars companies data +10
The Rise of Large-Language-Model Optimization 1 week, 1 day ago | www.schneier.com
artificial intelligence coming easy end +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Financial Crimes Compliance - Senior - Consulting - Location Open

@ EY | New York City, US, 10001-8604
View on infosec-jobs.com

Software Engineer - Cloud Security

@ Neo4j | Malmö
View on infosec-jobs.com

Security Consultant

@ LRQA | Singapore, Singapore, SG, 119963
View on infosec-jobs.com

Identity Governance Consultant

@ Allianz | Sydney, NSW, AU, 2000
View on infosec-jobs.com

Educator, Cybersecurity

@ Brain Station | Toronto
View on infosec-jobs.com

Principal Security Engineer

@ Hippocratic AI | Palo Alto
View on infosec-jobs.com
View more jobs