-
Notifications
You must be signed in to change notification settings - Fork 43
Expand file tree
/
Copy pathconfidentiality_impact_2_0_0.json
More file actions
25 lines (25 loc) · 1.26 KB
/
confidentiality_impact_2_0_0.json
File metadata and controls
25 lines (25 loc) · 1.26 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
{
"name": "Confidentiality Impact",
"description": "This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability.",
"namespace": "cvss",
"version": "2.0.0",
"schemaVersion": "1-0-1",
"key": "C",
"values": [
{
"key": "N",
"name": "None",
"description": "There is no loss of confidentiality within the impacted component."
},
{
"key": "L",
"name": "Low",
"description": "There is some loss of confidentiality. Access to some restricted information is obtained, but the attacker does not have control over what information is obtained, or the amount or kind of loss is constrained. The information disclosure does not cause a direct, serious loss to the impacted component."
},
{
"key": "H",
"name": "High",
"description": "There is total loss of confidentiality, resulting in all resources within the impacted component being divulged to the attacker. Alternatively, access to only some restricted information is obtained, but the disclosed information presents a direct, serious impact. For example, an attacker steals the administrator's password, or private encryption keys of a web server."
}
]
}