CVSS (Common Vulnerability Scoring System)

The Common Vulnerability Scoring System is an open industry standard for assessing the severity of software vulnerabilities, maintained by the Forum of Incident Response and Security Teams (FIRST). CVSS scores range from 0 to 10, with higher scores indicating greater severity. Black Kite uses CVSS scores in calculating findings severity within its Cyber Rating and in prioritizing remediation guidance across vendor assessments.