A security analyst is reviewing vulnerability scan results and notices that a critical vulnerability on a web server has a CVSS v3.1 base score of 9.8 with the vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. Which component of the CVSS vector indicates that the vulnerability can be exploited from a remote network?
Trap 1: PR:N
Privileges Required (PR) indicates the level of privileges needed, not the network vector.
Trap 2: AC:L
Attack Complexity (AC) indicates the complexity of the attack, not the network reachability.
Trap 3: UI:N
User Interaction (UI) indicates whether user interaction is required, not the network reachability.
- A
PR:N
Why wrong: Privileges Required (PR) indicates the level of privileges needed, not the network vector.
- B
AV:N
AV:N denotes network-based attack vector, meaning exploitable remotely.
- C
AC:L
Why wrong: Attack Complexity (AC) indicates the complexity of the attack, not the network reachability.
- D
UI:N
Why wrong: User Interaction (UI) indicates whether user interaction is required, not the network reachability.