CVSS v3 Base Metrics
Issue
-
PCI-DSS: CVE score discrepancy between RHN and NIST
-
I received security alerts for several OpenSSL fixes, which is good.
However, there is something I don't understand:
The RHN page says: Base Score: 4.3 -
While after following the Base Metrics link to the NIST page, I see: CVSS Base Score 7.5
-
Others are also different, but with smaller gaps.
Environment
- Red Hat CVSS
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.