CVSSv3
(
mapping
=
None
,
*
,
ignore_unknown_fields
=
False
,
**
kwargs
)
Common Vulnerability Scoring System version 3. For details, see https://www.first.org/cvss/specification-document
Attributes
base_score
float
The base score is a function of the base metric scores. https://www.first.org/cvss/specification-document#Base-Metrics
exploitability_score
float
The Exploitability sub-score equation is derived from the Base Exploitability metrics. https://www.first.org/cvss/specification-document#2-1-Exploitability-Metrics
impact_score
float
The Impact sub-score equation is derived from the Base Impact metrics.
attack_vector
google.cloud.osconfig_v1.types.CVSSv3.AttackVector
This metric reflects the context by which vulnerability exploitation is possible.
attack_complexity
google.cloud.osconfig_v1.types.CVSSv3.AttackComplexity
This metric describes the conditions beyond the attacker's control that must exist in order to exploit the vulnerability.
privileges_required
google.cloud.osconfig_v1.types.CVSSv3.PrivilegesRequired
This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.
user_interaction
google.cloud.osconfig_v1.types.CVSSv3.UserInteraction
This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable component.
scope
google.cloud.osconfig_v1.types.CVSSv3.Scope
The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope.
confidentiality_impact
google.cloud.osconfig_v1.types.CVSSv3.Impact
This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability.
integrity_impact
google.cloud.osconfig_v1.types.CVSSv3.Impact
This metric measures the impact to integrity of a successfully exploited vulnerability.
availability_impact
google.cloud.osconfig_v1.types.CVSSv3.Impact
This metric measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability.
Classes
AttackComplexity
AttackComplexity
(
value
)
This metric describes the conditions beyond the attacker's control that must exist in order to exploit the vulnerability.
AttackVector
AttackVector
(
value
)
This metric reflects the context by which vulnerability exploitation is possible.
Impact
Impact
(
value
)
The Impact metrics capture the effects of a successfully exploited vulnerability on the component that suffers the worst outcome that is most directly and predictably associated with the attack.
PrivilegesRequired
PrivilegesRequired
(
value
)
This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability.
Scope
Scope
(
value
)
The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope.
UserInteraction
UserInteraction
(
value
)
This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable component.
