CVSS v2.0 Scoring System

When Code Insight is configured to use the CVSS v2.0 scoring system, the color-coded segments in graph represent the following severity levels:

•

Red—High severity (CVSS score 7.0 - 10.0)

•

Gold—Medium severity (CVSS score 4.0 - 6.9)

•

Yellow—Low severity (CVSS score 0.1 - 3.9)

•

Gray—Unknown severity (N/A)

The following Vulnerabilities bar graph reflects vulnerability counts for the same inventory item referenced in the previous section, but in this case CVSS v2.0 scoring is used.

Note that the graph shows the same total number of vulnerabilities as the previous graph shows, but the severity distribution is different. In this case, the graph indicates 13 vulnerabilities of high severity, 8 of medium severity, 5 of low severity, and 80 of unknown severity.