Valid Secure-Software-Design Dumps shared by EduDump.com for Helping Passing Secure-Software-Design Exam! EduDump.com now offer the newest Secure-Software-Design exam dumps, the EduDump.com Secure-Software-Design exam questions have been updated and answers have been corrected get the newest EduDump.com Secure-Software-Design dumps with Test Engine here:
Using a web-based common vulnerability scoring system (CVSS) calculator, a security response team member performed an assessment on a reported vulnerability in the company's customer portal. The base score of the vulnerability was 9.9 and changed to 8.0 after adjusting temporal and environmental metrics. Which rating would CVSS assign this vulnerability?
Correct Answer: D
Comprehensive and Detailed Explanation From Exact Extract: CVSS scores are classified into severity levels based on numeric ranges. A base score of 9.9 falls within the Critical range (9.0-10.0), but after adjustment for temporal and environmental metrics, the score is 8.0, which falls into the High severity category (7.0-8.9). Therefore, the final rating assigned is High severity. Medium severity corresponds to scores between 4.0 and 6.9, and low severity is below 4.0. This scoring methodology is defined by the FIRST Common Vulnerability Scoring System v3.1 Specification which guides how scores are adjusted to reflect real-world risk contexts. References: FIRST CVSS v3.1 Specification OWASP Vulnerability Severity Classification NIST National Vulnerability Database (NVD)