Cisco Security

Common Vulnerability Scoring System

Choose the version of CVSS calculator:  
Common Vulnerability Scoring System (CVSS) Online Calculator, version 3.1
Vector: CVSS:3.1/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:X/RL:X/RC:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:X/MI:X/MA:X
This tool is used to calculate a specific threat/vulnerability's CVSS score. Please select the appropriate options below, click "Calculate Score," and the CVSS score will be displayed. Use of this calculator is subject to the disclaimer below.

Base Parameters

Once discovered, analyzed, and catalogued, there are certain aspects of a vulnerability that do not change, assuming the initial information is complete and correct. These immutable characteristics will not change over time, nor in different environments. The base metric group captures the access to and impact on the target.

Base Score:
8.1

Temporal Parameters

As a vulnerability ages, certain intrinsic characteristics will change with time. In many cases, when a vulnerability is first discovered, the number of vulnerable systems will be at or close to its peak, while the availability of exploit and remedial information will be at its lowest point. As time progresses, patch information will become more available and more systems will be fixed as more exploits occur, driving the need for the fix. Eventually, the number of vulnerable systems will reach its low point as remedial information reaches its high point. The CVSS temporal metrics group captures these characteristics of a vulnerability that change over time.

Temporal Score:
8.1

Environmental Parameters

Different user environments can have an immense bearing on how (or if) a vulnerability affects a given information system and its stakeholders. The CVSS environmental metrics group captures characteristics of vulnerabilities that are tied to system distribution and network environment.

Environmental Score:
8.1

Loading..


ENDORSEMENT

Cisco endorses and subscribes to the vulnerability guidelines outlined by the National Infrastructure Advisory Council (NIAC). The NIAC commissioned the development of the Common Vulnerability Scoring System (CVSS), which is currently maintained by FIRST (Forum of Incident Response and Security Teams), www.first.org, and was a combined effort involving many companies, including Cisco Systems, Inc.

GENERAL DISCLAIMER AND LIMITATION OF LIABILITY

All information provided by the CVSS Online Calculator is for informational purposes only and is subject to change or withdrawal at any time without notice. The CVSS Online Calculator is a pilot program and Cisco assumes no responsibility for the accuracy or completeness of the information provided and any decision made or action taken or not taken in reliance upon the information provided or furnished hereunder. The information and results provided by the CVSS Online Calculator vary based on the information provided by each user, which is specific to each user's network and cannot be verified or confirmed by Cisco. The CVSS Online Calculator is offered only as a convenience and any use of the results or information provided is at the user's risk.

ALL INFORMATION PROVIDED ON THIS WEB PAGE AND BY THE CVSS ONLINE CALCULATOR IS PROVIDED "AS IS" WITH ALL FAULTS AND WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED. CISCO DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR USE OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. CISCO SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL OR INCIDENTAL DAMAGES INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR REVENUES, COSTS OF REPLACEMENT GOODS, LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THE CVSS CALCULATOR, DAMAGES RESULTING FROM USE OF OR RELIANCE ON THE CVSS CALCULATOR, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.