NVD Banner
Vulnerabilities Checklists 800-53/800-53A Product Dictionary Impact Metrics Data Feeds Statistics
Home SCAP SCAP Validated Tools SCAP Events About Contact Vendor Comments
CVSS Version 2 Scoring Page (CVE-2013-0387)
This page shows the components of the CVSS score for CVE-2013-0387 and allows you to refine the CVSS base score. Please read the CVSS standards guide to fully understand how to score CVSS vulnerabilities and to interpret CVSS scores. The scores are computed in sequence such that the Base Score is used to calculate the Temporal Score and the Temporal Score is used to calculate the Environmental Score. A concise form of this page is available to CVSS experts.

Reset Scores View Equations
CVSS Base Score
  4.3
    Impact Subscore
      4.9
    Exploitability Subscore
      5.5
CVSS Temporal Score
  Undefined
CVSS Environmental Score
  Undefined
Overall CVSS Score
  4.3

Base Score Metrics

These metrics describe inherent characteristics of the vulnerability. These scores have already been calculated for this vulnerability.

Exploitability Metrics

Related exploit range
(AccessVector)
Attack complexity
(AccessComplexity)
Level of authentication needed
(Authentication)

Impact Metrics

Confidentiality impact
(ConfImpact)
Integrity impact
(IntegImpact)
Availability impact
(AvailImpact)









Environmental Score Metrics

This section addresses metrics that describe the effect of a vulnerability within an organization's environment. These metrics must calculated separately for each organization.

General Modifiers

Organization specific potential for loss
(CollateralDamagePotential)
Percentage of vulnerable systems
(TargetDistribution)

Impact Subscore Modifiers

System confidentiality requirement (draft proposal)
(ConfidentialityRequirement)
System integrity requirement (draft proposal)
(IntegrityRequirement)
System availability requirement (draft proposal)
(AvailabilityRequirement)

Temporal Score Metrics

These metrics describe elements about the vulnerability that change over time. If all of these values are left as 'Undefined', the environmental score will be based on the base score.

Availability of exploit
(Exploitability)
Type of fix available
(RemediationLevel)
Level of verification that vulnerability exists
(ReportConfidence)

Disclaimer Notice & Privacy Statement / Security Notice

Send comments or suggestions to nvd@nist.gov

NIST Computer Security Resource Center (CSRC)

NIST is an Agency of the U.S. Dept. of Commerce

Full vulnerability listing