|
|
|
|
|
|
by Arch-TK
841 days ago
|
|
|
It's possible to take a somewhat unopinionated approach to CVSS, the issue is that such CVSS scores exist in a vacuum, and vulnerabilities exist in environments. It's not possible to really apply a CVSS score to a vulnerability in a specific environment without understanding the vulnerability and more or less ignoring the CVSS score. In summary, CVSS scores can be very objective, but in those cases they're also worthless. |
|
|