Availability Requirement
Availability Requirement v1.1.1
This metric enables the consumer to customize the assessment depending on the importance of the affected IT asset to the analyst’s organization, measured in terms of Availability.
| Value | Definition |
|---|---|
| Low | Loss of availability is likely to have only a limited adverse effect on the organization or individuals associated with the organization (e.g., employees, customers). |
| Medium | Loss of availability is likely to have a serious adverse effect on the organization or individuals associated with the organization (e.g., employees, customers). |
| High | Loss of availability is likely to have a catastrophic adverse effect on the organization or individuals associated with the organization (e.g., employees, customers). |
| Not Defined | This metric value is not defined. See CVSS documentation for details. |
Availability Requirement v1.1.1 JSON Example
{
"namespace": "cvss",
"version": "1.1.1",
"schemaVersion": "1-0-1",
"key": "AR",
"name": "Availability Requirement",
"description": "This metric enables the consumer to customize the assessment depending on the importance of the affected IT asset to the analyst’s organization, measured in terms of Availability.",
"values": [
{
"key": "L",
"name": "Low",
"description": "Loss of availability is likely to have only a limited adverse effect on the organization or individuals associated with the organization (e.g., employees, customers)."
},
{
"key": "M",
"name": "Medium",
"description": "Loss of availability is likely to have a serious adverse effect on the organization or individuals associated with the organization (e.g., employees, customers)."
},
{
"key": "H",
"name": "High",
"description": "Loss of availability is likely to have a catastrophic adverse effect on the organization or individuals associated with the organization (e.g., employees, customers)."
},
{
"key": "X",
"name": "Not Defined",
"description": "This metric value is not defined. See CVSS documentation for details."
}
]
}
Previous Versions
Following are the previous versions of the decision point:
Availability Requirement v1.0.0
This metric measures the impact to the availability of a successfully exploited vulnerability.
| Value | Definition |
|---|---|
| Low | Loss of availability is likely to have only a limited adverse effect on the organization or individuals associated with the organization (e.g., employees, customers). |
| Medium | Loss of availability is likely to have a serious adverse effect on the organization or individuals associated with the organization (e.g., employees, customers). |
| High | Loss of availability is likely to have a catastrophic adverse effect on the organization or individuals associated with the organization (e.g., employees, customers). |
| Not Defined | This metric value is not defined. See CVSS documentation for details. |
Availability Requirement v1.0.0 JSON Example
{
"namespace": "cvss",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "AR",
"name": "Availability Requirement",
"description": "This metric measures the impact to the availability of a successfully exploited vulnerability.",
"values": [
{
"key": "L",
"name": "Low",
"description": "Loss of availability is likely to have only a limited adverse effect on the organization or individuals associated with the organization (e.g., employees, customers)."
},
{
"key": "M",
"name": "Medium",
"description": "Loss of availability is likely to have a serious adverse effect on the organization or individuals associated with the organization (e.g., employees, customers)."
},
{
"key": "H",
"name": "High",
"description": "Loss of availability is likely to have a catastrophic adverse effect on the organization or individuals associated with the organization (e.g., employees, customers)."
},
{
"key": "ND",
"name": "Not Defined",
"description": "This metric value is not defined. See CVSS documentation for details."
}
]
}
Availability Requirement v1.1.0
This metric measures the impact to the availability of a successfully exploited vulnerability.
| Value | Definition |
|---|---|
| Low | Loss of availability is likely to have only a limited adverse effect on the organization or individuals associated with the organization (e.g., employees, customers). |
| Medium | Loss of availability is likely to have a serious adverse effect on the organization or individuals associated with the organization (e.g., employees, customers). |
| High | Loss of availability is likely to have a catastrophic adverse effect on the organization or individuals associated with the organization (e.g., employees, customers). |
| Not Defined | This metric value is not defined. See CVSS documentation for details. |
Availability Requirement v1.1.0 JSON Example
{
"namespace": "cvss",
"version": "1.1.0",
"schemaVersion": "1-0-1",
"key": "AR",
"name": "Availability Requirement",
"description": "This metric measures the impact to the availability of a successfully exploited vulnerability.",
"values": [
{
"key": "L",
"name": "Low",
"description": "Loss of availability is likely to have only a limited adverse effect on the organization or individuals associated with the organization (e.g., employees, customers)."
},
{
"key": "M",
"name": "Medium",
"description": "Loss of availability is likely to have a serious adverse effect on the organization or individuals associated with the organization (e.g., employees, customers)."
},
{
"key": "H",
"name": "High",
"description": "Loss of availability is likely to have a catastrophic adverse effect on the organization or individuals associated with the organization (e.g., employees, customers)."
},
{
"key": "X",
"name": "Not Defined",
"description": "This metric value is not defined. See CVSS documentation for details."
}
]
}