
CVSS Scoring

Explore the Common Vulnerability Scoring System to assess the risk level of IT vulnerabilities. Understand base, temporal, and environmental metrics and how CVE identifiers standardize vulnerability information. This lesson helps you use Nmap scripting to detect vulnerabilities and interpret their CVSS scores for effective cybersecurity reporting.

Common Vulnerability Scoring System (CVSS)

The Common Vulnerability Scoring System (CVSS) is a standardized, open framework for communicating the characteristics and impacts of IT vulnerabilities. Simply put, a CVSS score tells us how dangerous a discovered vulnerability is: the higher the score, the more dangerous the vulnerability.

CVSS scoring is structured around three metric groups:

  • Base score: This score captures the intrinsic qualities of a vulnerability. Elements considered include:

    • Attack vector (AV): This describes how the vulnerability is exploited (e.g., over the network or locally).

    • Attack complexity (AC): This indicates how complex it is to exploit the vulnerability.

    • User interaction (UI): This specifies if user ...