Terminology Used in Vulnerability Detection

• CVE: The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures. The mission of the CVE Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.

  The United States National Cybersecurity FFRDC, operated by The MITRE Corporation, maintains the database. CVE and CVE IDs are listed on Mitre's system as well as in the US National Vulnerability Database.

• CVSS: The Common Vulnerability Scoring System (CVSS) is a method used to supply a qualitative measure of severity. Metrics result in a numerical score ranging from 0 to 10. CVSS is well suited as a standard measurement system for industries, organizations, and governments that need accurate and consistent vulnerability severity scores.
  Qualitative Severity Ratings in CVSS v4.0 notates ratings as below:

  Severity	Score Range
  None	0.0
  Low	0.1-3.9
  Medium	4.0-6.9
  High	7.0-8.9
  Critical	9.0-10.0

Prerequisites and Permissions

To begin using Vulnerability Detection first complete the prerequisites and obtain the necessary permissions.

• Perform Prerequisite Tasks
• Obtain Required Permissions