CVSS Score
cvss
The Common Vulnerability Scoring System (CVSS) object provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity.
Attributes
| Caption | Name | Type | Description |
|---|---|---|---|
| Base Score | base_score | Float | The CVSS base score. For example: |
| CVSS Depth | depth | String | The CVSS depth represents a depth of the equation used to calculate CVSS score.
|
| Metrics | metrics | Metric[] | The Common Vulnerability Scoring System metrics. This attribute contains information on the CVE's impact. If the CVE has been analyzed, this attribute will contain any CVSSv2 or CVSSv3 information associated with the vulnerability. For example: |
| Overall Score | overall_score | Float | The CVSS overall score, impacted by base, temporal, and environmental metrics. For example: |
| Raw Data | raw_data | JSON | Group: |
| Record ID | record_id | String | Group: |
| Severity | severity | String | The Common Vulnerability Scoring System (CVSS) Qualitative Severity Rating. A textual representation of the numeric score. CVSS v2.0
|
| Source URL | src_url | URL String | Entity: |
| Unmapped | unmapped | Unmapped[] | Data from the source that was not mapped into the schema. |
| Vector String | vector_string | String | The CVSS vector string is a text representation of a set of CVSS metrics. It is commonly used to record or transfer CVSS metric information in a concise form. For example: |
| Vendor Name | vendor_name | String | The vendor that provided the CVSS score. For example: |
| Version | version | String | The CVSS version. For example: |
Relationships
Inbound Relationships
These objects and events reference CVSS Score in their attributes:
Outbound Relationships
CVSS Score references the following objects and events in its attributes:
This page describes ocsf-1.4.0
Updated 19 days ago