U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.



Common Vulnerability Scoring System Calculator CVE-2024-10020

Source: NIST

This page shows the components of a CVSS assessment and allows you to refine the resulting CVSS score with additional or different metric values. Please read the CVSS standards guide to fully understand how to assess vulnerabilities using CVSS and to interpret the resulting scores. The scores are computed in sequence such that the Base Score is used to calculate the Temporal Score and the Temporal Score is used to calculate the Environmental Score.

CVSS Base Score:
{{vm.baseScore}}
Impact Subscore:
{{vm.impactScore}}
Exploitability Subscore:
{{vm.exploitScore}}
CVSS Temporal Score:
{{vm.temporalScore}}
CVSS Environmental Score:
{{vm.environScore}}
Modified Impact Subscore:
{{vm.modImpactScore}}
Overall CVSS Score:
{{vm.overallScore}}

CVSS v{{ vm.selectedVersion3Type }} Vector

Base Score Metrics

Exploitability Metrics
Attack Vector (AV)*
Attack Complexity (AC)*
Privileges Required (PR)*
User Interaction (UI)*
Scope (S)*
Impact Metrics
Confidentiality Impact (C)*
Integrity Impact (I)*
Availability Impact (A)*

* - All base metrics are required to generate a base score.

Temporal Score Metrics

Exploit Code Maturity (E)
Remediation Level (RL)
Report Confidence (RC)

Environmental Score Metrics

Exploitability Metrics
Attack Vector (MAV)
Attack Complexity (MAC)
Privileges Required (MPR)
User Interaction (MUI)
Scope (MS)
Impact Metrics
Confidentiality Impact (MC)
Integrity Impact (MI)
Availability Impact (MA)
Impact Subscore Modifiers
Confidentiality Requirement (CR)
Integrity Requirement (IR)
Availability Requirement (AR)