What is CVSS?

Document created by kb-author-1 Employee on May 19, 2010Last modified by eschamp on Nov 12, 2010
Version 4Show Document
  • View in full screen mode


What is CVSS?



CVSS stands for the Common Vulnerability Scoring System, an industry open standard designed to convey vulnerability severity and risk.


CVSS Scoring is an optional feature in QualysGuard. When this feature is enabled, CVSS scores are calculated for vulnerability/host pairs and displayed in your scan reports. To learn more about CVSS, visit http://www.first.org/cvss.


QualysGuard supports CVSS v2 as of January 2008 and it uses base scores from NIST’s National Vulnerability Database (NVD) when available.