The Common Vulnerability Scoring System (CVSS) provides a standardized way to rate the severity of security vulnerabilities. Organizations rely on CVSS to prioritize patches and gauge the urgency of remediation. The system analyzes characteristics like how a vulnerability is exploited and what type of damage it causes. Our calculator implements the CVSS version 3 base score formula so you can quickly assess risk by selecting the relevant metrics.
CVSS v3 combines Exploitability and Impact sub-scores. Exploitability is calculated by multiplying values for attack vector, attack complexity, privileges required, and user interaction. Impact measures how confidentiality, integrity, and availability are affected. The core equation can be expressed as:
, where is 1.08 if scope is changed and 1 otherwise. represents the impact sub-score and the exploitability sub-score.
The impact sub-score is , where function considers how each security property is compromised. Our implementation uses the standard formula recommended by FIRST.org.
Choose the options that best describe the vulnerability you’re analyzing. For example, if the issue can be exploited over the network without authentication, select Network for Attack Vector and None for Privileges Required. Once all fields are set, click Compute Score. The tool outputs a number from 0 to 10, rounded to one decimal place. Scores of 9 or above are considered critical, while scores under 4 are typically low severity.
A higher CVSS score means the vulnerability poses a greater risk. Organizations often set internal thresholds for patching based on these scores. Keep in mind that CVSS only measures intrinsic technical impact. Business context—such as the importance of the affected system—should also guide prioritization.
This calculator focuses on the base score and does not include temporal or environmental metrics, which adjust for factors like exploit maturity or the presence of mitigations. For a comprehensive assessment, consider these additional metrics and consult security professionals.
CVSS offers a common language for describing vulnerability severity. By understanding how each metric contributes to the overall score, you can better communicate risks within your organization and allocate resources effectively. Use this calculator as a quick reference whenever you need to gauge the potential impact of a newly discovered issue.
Estimate your recommended daily iron intake based on age, sex, and life stage. Track dietary iron sources to see if you're meeting the target.
Evaluate your mental tension with our Stress Level Calculator. Rate common stress factors and discover tips for managing stress.
Calculate your Grade Point Average (GPA) easily with our GPA calculator. Enter your course grades and credit hours to find out your GPA.