PCI-DSS: CVE score discrepancy between RHN and NIST
I received security alerts for several OpenSSL fixes, which is good.
However, there is something I don't understand:
The RHN page says: Base Score: 4.3
While after following the Base Metrics link to the NIST page, I see: CVSS Base Score 7.5
Others are also different, but with smaller gaps.
- Red Hat CVSS
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.