Options
All
  • Public
  • Public/Protected
  • All
Menu

Class CvssScore

Represents a CVSS score produced by an instance of {@link CvssScoringEngine}.

Hierarchy

  • CvssScore

Index

Constructors

Properties

Accessors

Constructors

constructor

  • new CvssScore(baseScore?: number, impactSubscore?: number, exploitabilitySubscore?: number, temporalScore?: null | number, environmentalScore?: null | number, modifiedImpactSubscore?: null | number, overallScore?: number): CvssScore

  • Initializes a new instance of a CVSS score.

    Parameters

    • baseScore: number = 0

      the base score

    • impactSubscore: number = 0

      the impact subscore

    • exploitabilitySubscore: number = 0

      the exploitability subscore

    • temporalScore: null | number = null

      the temporal score

    • environmentalScore: null | number = null

      the environmental score

    • modifiedImpactSubscore: null | number = null

      the modified impact score

    • overallScore: number = 0

      the overall score (non-standard addition by NIST/NVD)

    Returns CvssScore

Properties

Private _baseScore

_baseScore: number

Private _environmentalScore

_environmentalScore: null | number

Private _exploitabilitySubscore

_exploitabilitySubscore: number

Private _impactSubscore

_impactSubscore: number

Private _modifiedImpactSubscore

_modifiedImpactSubscore: null | number

Private _overallScore

_overallScore: number

Private _temporalScore

_temporalScore: null | number

Accessors

baseScore

  • get baseScore(): number

  • Gets the base score.

    The base score represents the severity of the vulnerability based on its intrinsic properties. It is constant over time.

    Returns number

    the base score

cvss3OverallSeverityText

  • get cvss3OverallSeverityText(): string

  • Gets the CVSS v3.0/1 severity text for this score.

    Returns string

    the severity text

environmentalScore

  • get environmentalScore(): null | number

  • Gets the environmental score.

    The environmental score represents the severity of the vulnerability as it exists on a specific organization's IT infrastructure.

    Returns null | number

    the environmental score

exploitabilitySubscore

  • get exploitabilitySubscore(): number

  • Gets the exploitability subscore.

    The exploitability subscore is a measure of exploitability, derived from the base exploitability metrics.

    Returns number

    the exploitability subscore

impactSubscore

  • get impactSubscore(): number

  • Gets the impact subscore.

    The impact subscore is a measure of impact, derived from the base impact metrics.

    Returns number

    the impact subscore

modifiedImpactSubscore

  • get modifiedImpactSubscore(): null | number

  • Gets the modified impact subscore.

    The impact subscore is a measure of impact, derived from the modified (environmental) impact metrics.

    Returns null | number

    the moodified impact subscore

overallScore

  • get overallScore(): number

  • Gets the overall score.

    The overall score is a non-standard measure which is preferentially equal to the environmental score, then temporal score and finally base score if neither of the former two are defined.

    Returns number

    the overall score

temporalScore

  • get temporalScore(): null | number

  • Gets the temporal score.

    The temporal score represents the severity of the vulnerability as it currently exists, accounting for factors such as whether or not there exists an exploit, patch or workaround for the vulnerability.

    Returns null | number

    the temporal score

Generated using TypeDoc