buttonTrust
 
Commands
  Search pubs

Quick search by ...
Year
  2011
2010
2009
2008
2007
2006
2005
2004
2002

Group
  aftrust
aftrustfaculty
deab
eab
eduboard
education
euus
execboard
financial
gig
government
health
healthcare
hsn
hsnresearch
hsnucb
iab
iacb
icast
icastucb
idtheft
industry
knowledgetransfer
languages
netdefenses
patientmonitor
pdfellowship
physical
policy
reu
reu11gold
reu2009
reu2010
reu2011
scada
securit
securit2007
sensornets
sensorprivacy
sitevisit
superb
superb2008
telecomitalia
trust
trustadmin
trustfaculty
trustlocal
trustseminar
trustworthy
university
wise2006
The Common Vulnerability Scoring System (CVSS)
Mike Schiffman

Citation
Mike Schiffman. "The Common Vulnerability Scoring System (CVSS)". Talk or presentation, 10, November, 2005.

Abstract
To date, a number of commercial computer security vendors and not-for-profit organizations have developed, promoted, and implemented systems to rank information system vulnerabilities. Unfortunately, there is no cohesion or interoperability among those systems and they are limited in scope as to what they cover. This presentation discusses an open and universal vulnerability scoring system to address and solve these shortcomings, with the ultimate goal of promoting a common language to discuss vulnerability severity and impact. More can be found at http://www.first.org/cvss.

Electronic downloads


Confidential. This publication has been marked by the author for Trust-only distribution, so electronic downloads are not available without logging in.
Citation formats  
  • HTML 
     Mike Schiffman. <a
href="http://www.truststc.org/pubs/10.html"
><i>The Common Vulnerability Scoring System
(CVSS)</i></a>, Talk or presentation,  10,
November, 2005.
  • Plain text 
     Mike Schiffman. "The Common Vulnerability Scoring
System (CVSS)". Talk or presentation,  10, November,
2005.
  • BibTeX 
    @presentation{Schiffman05_CommonVulnerabilityScoringSystemCVSS,
    author = { Mike Schiffman},
    title = {The Common Vulnerability Scoring System (CVSS)},
    day = {10},
    month = {November},
    year = {2005},
    abstract = {To date, a number of commercial computer security
              vendors and not-for-profit organizations have
              developed, promoted, and implemented systems to
              rank information system vulnerabilities.
              Unfortunately, there is no cohesion or
              interoperability among those systems and they are
              limited in scope as to what they cover. This
              presentation discusses an open and universal
              vulnerability scoring system to address and solve
              these shortcomings, with the ultimate goal of
              promoting a common language to discuss
              vulnerability severity and impact. More can be
              found at <a
              href="http://www.first.org/cvss">http://www.first.org/cvss</a>. },
    URL = {http://www.truststc.org/pubs/10.html}
}

Posted by Christopher Brooks on 16 Nov 2005.
For additional information, see the Publications FAQ or contact webmaster at www truststc org..

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.
You are not logged in 
© 2005-2012 Trust