Common Vulnerability Scoring System version 3. For details, see https://www.first.org/cvss/specification-document

Attributes

• attackComplexity (type: String.t, default: nil) - This metric describes the conditions beyond the attacker's control that must exist in order to exploit the vulnerability.
• attackVector (type: String.t, default: nil) - This metric reflects the context by which vulnerability exploitation is possible.
• availabilityImpact (type: String.t, default: nil) - This metric measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability.
• baseScore (type: number(), default: nil) - The base score is a function of the base metric scores. https://www.first.org/cvss/specification-document#Base-Metrics
• confidentialityImpact (type: String.t, default: nil) - This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability.
• exploitabilityScore (type: number(), default: nil) - The Exploitability sub-score equation is derived from the Base Exploitability metrics. https://www.first.org/cvss/specification-document#2-1-Exploitability-Metrics
• impactScore (type: number(), default: nil) - The Impact sub-score equation is derived from the Base Impact metrics.
• integrityImpact (type: String.t, default: nil) - This metric measures the impact to integrity of a successfully exploited vulnerability.
• privilegesRequired (type: String.t, default: nil) - This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.
• scope (type: String.t, default: nil) - The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope.
• userInteraction (type: String.t, default: nil) - This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable component.