all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Shedding Light on CVSS Scoring Inconsistencies: A User-Centric Study on Evaluating Widespread Security Vulnerabilities

Add to bookmarks
May 9, 2024, 4:12 a.m. | Julia Wunder, Andreas Kurtz, Christian Eichenm\"uller, Freya Gassmann, Zinaida Benenson

cs.CR updates on arXiv.org arxiv.org

arXiv:2308.15259v2 Announce Type: replace
Abstract: The Common Vulnerability Scoring System (CVSS) is a popular method for evaluating the severity of vulnerabilities in vulnerability management. In the evaluation process, a numeric score between 0 and 10 is calculated, 10 being the most severe (critical) value. The goal of CVSS is to provide comparable scores across different evaluators. However, previous works indicate that CVSS might not reach this goal: If a vulnerability is evaluated by several analysts, their scores often differ. This …

arxiv common vulnerability scoring system critical cs.cr cvss evaluation goal management popular process score scoring security severity study system value vulnerabilities vulnerability vulnerability management

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Differentially private projection-depth-based medians an hour ago | arxiv.org
arxiv conditions cost cs.cr +17
Transpose Attack: Stealing Datasets with Bidirectional Training an hour ago | arxiv.org
addition adversaries arxiv attack +16
Bypassing the Safety Training of Open-Source LLMs with Priming Attacks an hour ago | arxiv.org
arxiv attacks bypassing cs.ai +6
ATM: a Logic for Quantitative Security Properties on Attack Trees an hour ago | arxiv.org
academia arxiv atm attack +18
A Survey on Cyber-Resilience Approaches for Cyber-Physical Systems an hour ago | arxiv.org
arxiv computation control cps +23
ScionFL: Efficient and Robust Secure Quantized Aggregation an hour ago | arxiv.org
aggregation aim arxiv central +16
Rethinking Graph Backdoor Attacks: A Distribution-Preserving Perspective an hour ago | arxiv.org
arxiv attack attacks backdoor +16
IT Strategic alignment in the decentralized finance (DeFi): CBDC and digital currencies an hour ago | arxiv.org
alignment arxiv asset blockchain +23
Not All Prompts Are Secure: A Switchable Backdoor Attack Against Pre-trained Vision Transformers an hour ago | arxiv.org
arxiv attack backdoor backdoor attack +5

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Computer and Forensics Investigator

@ ManTech | 221BQ - Cstmr Site,Springfield,VA
View on infosec-jobs.com

Senior Security Analyst

@ Oracle | United States
View on infosec-jobs.com

Associate Vulnerability Management Specialist

@ Diebold Nixdorf | Hyderabad, Telangana, India
View on infosec-jobs.com