Team for Research in
Ubiquitous Secure Technology

The Common Vulnerability Scoring System (CVSS)
Mike Schiffman

Citation
Mike Schiffman. "The Common Vulnerability Scoring System (CVSS)". Talk or presentation, 10, November, 2005.

Abstract
To date, a number of commercial computer security vendors and not-for-profit organizations have developed, promoted, and implemented systems to rank information system vulnerabilities. Unfortunately, there is no cohesion or interoperability among those systems and they are limited in scope as to what they cover. This presentation discusses an open and universal vulnerability scoring system to address and solve these shortcomings, with the ultimate goal of promoting a common language to discuss vulnerability severity and impact. More can be found at http://www.first.org/cvss.

Electronic downloads


Internal. This publication has been marked by the author for TRUST-only distribution, so electronic downloads are not available without logging in.
Citation formats  
  • HTML 
     Mike Schiffman. <a
href="http://www.truststc.org/pubs/10.html"
><i>The Common Vulnerability Scoring System
(CVSS)</i></a>, Talk or presentation,  10,
November, 2005.
  • Plain text 
     Mike Schiffman. "The Common Vulnerability Scoring
System (CVSS)". Talk or presentation,  10, November,
2005.
  • BibTeX 
    @presentation{Schiffman05_CommonVulnerabilityScoringSystemCVSS,
    author = { Mike Schiffman},
    title = {The Common Vulnerability Scoring System (CVSS)},
    day = {10},
    month = {November},
    year = {2005},
    abstract = {To date, a number of commercial computer security
              vendors and not-for-profit organizations have
              developed, promoted, and implemented systems to
              rank information system vulnerabilities.
              Unfortunately, there is no cohesion or
              interoperability among those systems and they are
              limited in scope as to what they cover. This
              presentation discusses an open and universal
              vulnerability scoring system to address and solve
              these shortcomings, with the ultimate goal of
              promoting a common language to discuss
              vulnerability severity and impact. More can be
              found at <a
              href="http://www.first.org/cvss">http://www.first.org/cvss</a>. },
    URL = {http://www.truststc.org/pubs/10.html}
}

Posted by Christopher Brooks on 16 Nov 2005.
Groups: trustseminar
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.