AnsweredAssumed Answered

Severity Ratings: MS vs Qualys and CVE

Question asked by Anon Ymous on Mar 25, 2015
Latest reply on Mar 27, 2015 by Boyd White

I posted this elsewhere, and am sure I posted to wrong place, and do not know how to move or delete it...

 

 

I have run across a few vulns where the MS severity rating differes from the Qualys severity rating.  For example, QID 110233 rates as a Sev , but MS rates the patch for it, MS14-001, as Important, rather than Critical.  Any idea why the discrepancy, or where I could go to get some background on the respective rating systems?

 

Incidentally, MITR seems to concur w/ Qualys in the examples I have seen so far.

Outcomes