Is it possible to view the details of how a given CVSS score was calculated in the Qualys vulnerability management module? E.g. see parameters such as User Interaction and Attack Vector from CVSS v3.
Yes, as long as you have "Vulnerability Details" selected in the "Display Setting" for your report template. That should yield the following columns in your report:
CVSSCVSS BaseCVSS TemporalCVSS EnvironmentCVSS3CVSS3 BaseCVSS3 Temporal
Qualys isn't creating CVSS scores... They are just ingesting the data along with the cve info I believe.
If you want details about how scores are created in general: https://www.first.org/cvss/specification-document
Yes, but I was wondering if Qualys stored the data used for the CVSS calculation, or if it only has the "final" CVSS score available.
Retrieving data ...