CVSS v3.1 Calculator

Calculate the severity of software vulnerabilities using the Common Vulnerability Scoring System (CVSS) v3.1.

Exploitability Metrics

Attack Vector (AV)Reflects the context by which vulnerability exploitation is possible.

Attack Complexity (AC)Describes the conditions beyond the attacker's control that must exist in order to exploit the vulnerability.

Privileges Required (PR)The level of privileges an attacker must possess before successfully exploiting the vulnerability.

User Interaction (UI)Whether the vulnerability can be exploited without interaction from an additional user.

Impact Metrics

Scope (S)Whether a vulnerability in one software component impacts resources beyond its security boundary.

Confidentiality (C)Impact on the confidentiality of the data managed by the software.

Integrity (I)Impact on the integrity (correctness) of the data managed by the software.

Availability (A)Impact on the availability of the impacted component.

Base Score

0.0

UNKNOWN

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity Scale

None0.0

Low0.1 - 3.9

Medium4.0 - 6.9

High7.0 - 8.9

Critical9.0 - 10.0

Pro Tip

Use the Scope metric carefully. If an exploit impacts a component beyond its security boundary (e.g., a sandbox escape), set Scope to Changed.