U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST IR 8409

Measuring the Common Vulnerability Scoring System Base Score Equation

Date Published: November 2022

Author(s)

Peter Mell (NIST), Jonathan Spring (CERT/CC at Carnegie Mellon University), Dave Dugal (Juniper), Srividya Ananthakrishna (Huntington Ingalls Industries), Francesco Casotto (Cisco), Troy Fridley (AcuityBrands), Christopher Ganas (Palo Alto Networks), Arkadeep Kundu (Cisco), Phillip Nordwall (Dell), Vijayamurugan Pushpanathan (Schneider Electric), Daniel Sommerfeld (Microsoft), Matt Tesauro (Open Web Application Security Project), Christopher Turner (NIST)

Abstract

Keywords

computer; Common Vulnerability Scoring System; error; expert opinion; measurement; measuring; metrics; network; scoring; security
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.IR.8409
Download URL

Supplemental Material:
None available

Document History:
06/08/22: IR 8409 (Draft)
11/15/22: IR 8409 (Final)

Topics

Security and Privacy

security measurement, vulnerability management

Technologies

networks