-
Notifications
You must be signed in to change notification settings - Fork 43
Expand file tree
/
Copy pathauthentication_2_0_0.json
More file actions
25 lines (25 loc) · 1.14 KB
/
authentication_2_0_0.json
File metadata and controls
25 lines (25 loc) · 1.14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
{
"name": "Authentication",
"description": "This metric measures the number of times an attacker must authenticate to a target in order to exploit a vulnerability. This metric does not gauge the strength or complexity of the authentication process, only that an attacker is required to provide credentials before an exploit may occur. The possible values for this metric are listed in Table 3. The fewer authentication instances that are required, the higher the vulnerability score.",
"namespace": "cvss",
"version": "2.0.0",
"schemaVersion": "1-0-1",
"key": "Au",
"values": [
{
"key": "M",
"name": "Multiple",
"description": "Exploiting the vulnerability requires that the attacker authenticate two or more times, even if the same credentials are used each time."
},
{
"key": "S",
"name": "Single",
"description": "The vulnerability requires an attacker to be logged into the system (such as at a command line or via a desktop session or web interface)."
},
{
"key": "N",
"name": "None",
"description": "Authentication is not required to exploit the vulnerability."
}
]
}