Vendors agree on vulnerability scoring system
John Leyden,
The Register
2005-02-23
Leading IT suppliers are banding together to develop a system designed to standardise the rating of security vulnerabilities. The scheme, called the Common Vulnerability Scoring System (CVSS), announced at last week's RSA Conference in San Francisco, is designed to replace vendor-specific ratings with a system that will make it easier for users to prioritise security remediation work.