A security analyst is reviewing the results of a vulnerability scan. The analyst sees a plugin output that includes the CVSS vector string AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. What is the base score of this vulnerability?
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H yields a base score of 9.8 in CVSS v3.1.
Why this answer
The vector indicates Network attack vector, Low attack complexity, No privileges required, No user interaction, Unchanged scope, and High impact on Confidentiality, Integrity, and Availability. For CVSS v3.1, this corresponds to a base score of 9.8 (Critical).