Skip to content

Impact Bias

Impact Bias v1.0.0

This metric measures the impact bias of the vulnerability.

Value Definition
Normal Confidentiality Impact, Integrity Impact, and Availability Impact are all assigned the same weight.
Confidentiality Confidentiality impact is assigned greater weight than Integrity Impact or Availability Impact.
Integrity Integrity Impact is assigned greater weight than Confidentiality Impact or Availability Impact.
Availability Availability Impact is assigned greater weight than Confidentiality Impact or Integrity Impact.
Impact Bias v1.0.0 JSON Example 
{
  "namespace": "cvss",
  "version": "1.0.0",
  "schemaVersion": "1-0-1",
  "key": "IB",
  "name": "Impact Bias",
  "description": "This metric measures the impact bias of the vulnerability.",
  "values": [
    {
      "key": "N",
      "name": "Normal",
      "description": "Confidentiality Impact, Integrity Impact, and Availability Impact are all assigned the same weight."
    },
    {
      "key": "C",
      "name": "Confidentiality",
      "description": "Confidentiality impact is assigned greater weight than Integrity Impact or Availability Impact."
    },
    {
      "key": "I",
      "name": "Integrity",
      "description": "Integrity Impact is assigned greater weight than Confidentiality Impact or Availability Impact."
    },
    {
      "key": "A",
      "name": "Availability",
      "description": "Availability Impact is assigned greater weight than Confidentiality Impact or Integrity Impact."
    }
  ]
}