U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerability Metrics

Product Integration using NVD CVSS Calculators

Organizations that have created CVSS compatible products may integrate with the NVD CVSS calculators by creating a hyperlink that includes the CVSS vector or, optionally, the CVE-ID. This works for base, temporal, and environmental metrics within a vector string. Examples of how this can be done have been provided below. 

NOTE: If you provide a CVE-ID and a CVSS vector string, the vector string provided must match the vector string stored within the NVD. If the vector string provided does not match the vector string stored in the NVD, a warning banner will display and the NVD vector string will be displayed instead. This means that when stipulating a CVE ID only base metrics can be provided.

CVSS v3.x Examples

Example hyperlink to CVSS v3.x calculator with vulnerability ID:
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2016-0051

Example hyperlink to CVSS v3.x calculator with base vector string:
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Example hyperlink to CVSS v3.x calculator with vulnerability ID and base vector string:
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2016-0051&vector=AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Example hyperlink to CVSS v3.x calculator with base and temporal metrics vector string:
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:T/RC:R

Example hyperlink to CVSS v3.x calculator with base, temporal and environmental metrics vector string:
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N/CR:H/IR:H/AR:M/MAV:L/MAC:L/MPR:N/MUI:R/MS:C/MC:N/MI:N/MA:L

Example hyperlink with CVE ID, base vector string and v3.x calculator version toggle:
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2018-8011&vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H&version=3.1  
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2018-8011&vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H&version=3.0

CVSS v2.0 Examples

Example hyperlink to CVSS v2.0 calculator with vulnerability ID:
https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?name=CVE-2007-1001

Example hyperlink to CVSS v2.0 calculator with base vector string:
https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?vector=(AV:L/AC:H/Au:N/C:N/I:P/A:C)

Example hyperlink to CVSS v2.0 calculator with vulnerability ID and base vector string:
https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?name=CVE-2016-0051&vector=(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Example hyperlink to CVSS v2.0 calculator with base and temporal metrics vector string:
https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?vector=(AV:L/AC:H/Au:N/C:N/I:P/A:C/E:POC/RL:OF/RC:C)

Example hyperlink to CVSS v2.0 calculator with base, temporal and environmental metrics vector string:
https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?vector=(AV:L/AC:H/Au:N/C:N/I:P/A:C/E:POC/RL:OF/RC:C/CDP:L/TD:M/CR:L/IR:L/AR:H)


 

Created September 20, 2022 , Updated March 19, 2024