Alternate Name: Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::Security Vulnerability Scoring Definition ABE
Category: [a] Class
A standardized method for vulnerability measurement and severity scoring. \n \nNotes: Three scoring specifications have been created, one for each of the categories of system vulnerabilities defined by NIST SCAP. They include the Common Vulnerability Scoring System (CVSS) which address software flaw vulnerabilies (introduced in 2004/v2 in 2007), the Common Misuse Scoring System (CMSS) which was designed for measuring and scoring misuse vulnerabilities. And the Common Configuration Scoring System (CCSS) which addresses software security configuration issue vulnerabilities.
This was created from the Frameworx 16.0 Model