Definition(s):
A SCAP specification for measuring the severity of software security configuration issues.
Source(s):
NIST SP 800-128
under Common Configuration Scoring System (CCSS)
NIST SP 800-128