CVSS (Common Vulnerability Scoring System) is a scoring system that provides an open framework for determining the impact of information technology vulnerabilities and a format for communicating vulnerability characteristics. The CVSS standard is maintained by FIRST.

SCAP 1.0 and 1.2 policies are compliant with CVSS Version 2.0. Tell me more

See Statement of CVSS Implementation