This value is used for findings when a source doesn't write a severity
value.
Generated from protobuf enumSEVERITY_UNSPECIFIED = 0;
CRITICAL
Value: 1
Vulnerability:
A critical vulnerability is easily discoverable by an external actor,
exploitable, and results in the direct ability to execute arbitrary code,
exfiltrate data, and otherwise gain additional access and privileges to
cloud resources and workloads. Examples include publicly accessible
unprotected user data and public SSH access with weak or no
passwords.
Threat:
Indicates a threat that is able to access, modify, or delete data or
execute unauthorized code within existing resources.
Generated from protobuf enumCRITICAL = 1;
HIGH
Value: 2
Vulnerability:
A high risk vulnerability can be easily discovered and exploited in
combination with other vulnerabilities in order to gain direct access and
the ability to execute arbitrary code, exfiltrate data, and otherwise
gain additional access and privileges to cloud resources and workloads.
An example is a database with weak or no passwords that is only
accessible internally. This database could easily be compromised by an
actor that had access to the internal network.
Threat:
Indicates a threat that is able to create new computational resources in
an environment but not able to access data or execute code in existing
resources.
Generated from protobuf enumHIGH = 2;
MEDIUM
Value: 3
Vulnerability:
A medium risk vulnerability could be used by an actor to gain access to
resources or privileges that enable them to eventually (through multiple
steps or a complex exploit) gain access and the ability to execute
arbitrary code or exfiltrate data. An example is a service account with
access to more projects than it should have. If an actor gains access to
the service account, they could potentially use that access to manipulate
a project the service account was not intended to.
Threat:
Indicates a threat that is able to cause operational impact but may not
access data or execute unauthorized code.
Generated from protobuf enumMEDIUM = 3;
LOW
Value: 4
Vulnerability:
A low risk vulnerability hampers a security organization's ability to
detect vulnerabilities or active threats in their deployment, or prevents
the root cause investigation of security issues. An example is monitoring
and logs being disabled for resource configurations and access.
Threat:
Indicates a threat that has obtained minimal access to an environment but
is not able to access data, execute code, or create resources.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Google Cloud Security Command Center V1 Client - Class Severity (2.2.1)\n\nVersion latestkeyboard_arrow_down\n\n- [2.2.1 (latest)](/php/docs/reference/cloud-security-center/latest/V1.Finding.Severity)\n- [2.2.0](/php/docs/reference/cloud-security-center/2.2.0/V1.Finding.Severity)\n- [2.1.1](/php/docs/reference/cloud-security-center/2.1.1/V1.Finding.Severity)\n- [2.0.4](/php/docs/reference/cloud-security-center/2.0.4/V1.Finding.Severity)\n- [1.32.0](/php/docs/reference/cloud-security-center/1.32.0/V1.Finding.Severity)\n- [1.31.0](/php/docs/reference/cloud-security-center/1.31.0/V1.Finding.Severity)\n- [1.30.0](/php/docs/reference/cloud-security-center/1.30.0/V1.Finding.Severity)\n- [1.29.0](/php/docs/reference/cloud-security-center/1.29.0/V1.Finding.Severity)\n- [1.28.2](/php/docs/reference/cloud-security-center/1.28.2/V1.Finding.Severity)\n- [1.21.0](/php/docs/reference/cloud-security-center/1.21.0/V1.Finding.Severity)\n- [1.20.2](/php/docs/reference/cloud-security-center/1.20.2/V1.Finding.Severity)\n- [1.19.1](/php/docs/reference/cloud-security-center/1.19.1/V1.Finding.Severity)\n- [1.18.0](/php/docs/reference/cloud-security-center/1.18.0/V1.Finding.Severity)\n- [1.17.0](/php/docs/reference/cloud-security-center/1.17.0/V1.Finding.Severity)\n- [1.16.0](/php/docs/reference/cloud-security-center/1.16.0/V1.Finding.Severity)\n- [1.15.1](/php/docs/reference/cloud-security-center/1.15.1/V1.Finding.Severity)\n- [1.14.2](/php/docs/reference/cloud-security-center/1.14.2/V1.Finding.Severity)\n- [1.13.1](/php/docs/reference/cloud-security-center/1.13.1/V1.Finding.Severity) \nReference documentation and code samples for the Google Cloud Security Command Center V1 Client class Severity.\n\nThe severity of the finding.\n\nProtobuf type `google.cloud.securitycenter.v1.Finding.Severity`\n\nNamespace\n---------\n\nGoogle \\\\ Cloud \\\\ SecurityCenter \\\\ V1 \\\\ Finding\n\nMethods\n-------\n\n### static::name\n\n### static::value\n\nConstants\n---------\n\n### SEVERITY_UNSPECIFIED\n\n Value: 0\n\nThis value is used for findings when a source doesn't write a severity\nvalue.\n\nGenerated from protobuf enum `SEVERITY_UNSPECIFIED = 0;`\n\n### CRITICAL\n\n Value: 1\n\nVulnerability:\nA critical vulnerability is easily discoverable by an external actor,\nexploitable, and results in the direct ability to execute arbitrary code,\nexfiltrate data, and otherwise gain additional access and privileges to\ncloud resources and workloads. Examples include publicly accessible\nunprotected user data and public SSH access with weak or no\npasswords.\n\nThreat:\nIndicates a threat that is able to access, modify, or delete data or\nexecute unauthorized code within existing resources.\n\nGenerated from protobuf enum `CRITICAL = 1;`\n\n### HIGH\n\n Value: 2\n\nVulnerability:\nA high risk vulnerability can be easily discovered and exploited in\ncombination with other vulnerabilities in order to gain direct access and\nthe ability to execute arbitrary code, exfiltrate data, and otherwise\ngain additional access and privileges to cloud resources and workloads.\n\nAn example is a database with weak or no passwords that is only\naccessible internally. This database could easily be compromised by an\nactor that had access to the internal network.\nThreat:\nIndicates a threat that is able to create new computational resources in\nan environment but not able to access data or execute code in existing\nresources.\n\nGenerated from protobuf enum `HIGH = 2;`\n\n### MEDIUM\n\n Value: 3\n\nVulnerability:\nA medium risk vulnerability could be used by an actor to gain access to\nresources or privileges that enable them to eventually (through multiple\nsteps or a complex exploit) gain access and the ability to execute\narbitrary code or exfiltrate data. An example is a service account with\naccess to more projects than it should have. If an actor gains access to\nthe service account, they could potentially use that access to manipulate\na project the service account was not intended to.\n\nThreat:\nIndicates a threat that is able to cause operational impact but may not\naccess data or execute unauthorized code.\n\nGenerated from protobuf enum `MEDIUM = 3;`\n\n### LOW\n\n Value: 4\n\nVulnerability:\nA low risk vulnerability hampers a security organization's ability to\ndetect vulnerabilities or active threats in their deployment, or prevents\nthe root cause investigation of security issues. An example is monitoring\nand logs being disabled for resource configurations and access.\n\nThreat:\nIndicates a threat that has obtained minimal access to an environment but\nis not able to access data, execute code, or create resources.\n\nGenerated from protobuf enum `LOW = 4;`"]]
