Skip to content

Provider Urgency

Provider Urgency (cvss:U:1.0.0)

Many vendors currently provide supplemental severity ratings to consumers via product security advisories. Other vendors publish Qualitative Severity Ratings from the CVSS Specification Document in their advisories. To facilitate a standardized method to incorporate additional provider-supplied assessment, an optional "pass-through" Supplemental Metric called Provider Urgency is available.

Value Definition
Not Defined (X) This metric value is not defined. See CVSS documentation for details.
Clear (C) Provider has assessed the impact of this vulnerability as having no urgency (Informational).
Green (G) Provider has assessed the impact of this vulnerability as having a reduced urgency.
Amber (A) Provider has assessed the impact of this vulnerability as having a moderate urgency.
Red (R) Provider has assessed the impact of this vulnerability as having the highest urgency.
Provider Urgency (cvss:U:1.0.0) JSON Example 
{
  "namespace": "cvss",
  "key": "U",
  "version": "1.0.0",
  "name": "Provider Urgency",
  "description": "Many vendors currently provide supplemental severity ratings to consumers via product security advisories. Other vendors publish Qualitative Severity Ratings from the CVSS Specification Document in their advisories. To facilitate a standardized method to incorporate additional provider-supplied assessment, an optional \"pass-through\" Supplemental Metric called Provider Urgency is available.",
  "schemaVersion": "2.0.0",
  "values": [
    {
      "key": "X",
      "name": "Not Defined",
      "description": "This metric value is not defined. See CVSS documentation for details."
    },
    {
      "key": "C",
      "name": "Clear",
      "description": "Provider has assessed the impact of this vulnerability as having no urgency (Informational)."
    },
    {
      "key": "G",
      "name": "Green",
      "description": "Provider has assessed the impact of this vulnerability as having a reduced urgency."
    },
    {
      "key": "A",
      "name": "Amber",
      "description": "Provider has assessed the impact of this vulnerability as having a moderate urgency."
    },
    {
      "key": "R",
      "name": "Red",
      "description": "Provider has assessed the impact of this vulnerability as having the highest urgency."
    }
  ]
}