medium
Single Answer
0Brian is reviewing vulnerabilities discovered as part of a vulnerability scan. He sees a score for a vulnerability of 3.0. What does he know about this vulnerability based on its score?
Answer Options
A
It is a high-severity vulnerability and should be addressed quickly.
B
It is a low-severity vulnerability and may not need to be addressed.
C
It is a medium-severity vulnerability and should be reviewed before being addressed.
D
It is a critical vulnerability and should be addressed immediately.
Correct Answer: B
Explanation
CVSS scores range from 0 to 10.0, with 10.0 being the most critical. A score of .1–3.9 is considered a low rating, meaning that Brian can take his time to review and remediate the risk. Scores of 4.0–6.9 are medium, 7.0–8.9 are high, and 9.0–10.0 are critical.