Online CVSS Calculator Tool

Common Vulnerability Scoring System (CVSS) Calculator

Professional Common Vulnerability Scoring System v3.1 Risk Assessment Tool

CVSS Metrics Configuration

Base Score Metrics Base metrics represent the intrinsic characteristics of a vulnerability

Attack Vector (AV)

How the vulnerability is exploited

Network (N) - Remotely exploitable Adjacent Network (A) - Adjacent network access Local (L) - Local access required Physical (P) - Physical access required

Attack Complexity (AC)

Conditions beyond attacker's control

Low (L) - No specialized conditions High (H) - Specialized conditions required

Privileges Required (PR)

Level of privileges needed

None (N) - No privileges required Low (L) - Basic user privileges High (H) - Admin/root privileges

User Interaction (UI)

Requires user participation

None (N) - No user interaction required Required (R) - User must participate

Scope (S)

Impact beyond vulnerable component

Unchanged (U) - Impact limited to vulnerable component Changed (C) - Impact extends beyond vulnerable component

Confidentiality Impact (C)

Information disclosure impact

None (N) - No confidentiality impact Low (L) - Some information disclosed High (H) - Total information disclosure

Integrity Impact (I)

Data modification impact

None (N) - No integrity impact Low (L) - Some data modification High (H) - Total data compromise

Availability Impact (A)

System availability impact

None (N) - No availability impact Low (L) - Reduced availability High (H) - Total availability loss

Temporal Score Metrics Temporal metrics measure current state of exploit techniques and remediation

Exploit Code Maturity (E)

Current state of exploit techniques

Not Defined (X) - Skip this metric High (H) - Functional exploit code available Functional (F) - Working exploit code Proof-of-Concept (P) - POC exploit code Unproven (U) - No known exploit code

Remediation Level (RL)

Availability of remediation

Not Defined (X) - Skip this metric Unavailable (U) - No solution available Workaround (W) - Unofficial workaround Temporary Fix (T) - Temporary solution Official Fix (O) - Official patch available

Report Confidence (RC)

Degree of confidence in vulnerability

Not Defined (X) - Skip this metric Confirmed (C) - Confirmed by vendor Reasonable (R) - Reasonable confidence Unknown (U) - Unconfirmed reports

Environmental Score Metrics Environmental metrics customize the score based on your specific environment

Confidentiality Requirement (CR)

Importance of confidentiality to organization

Not Defined (X) - Skip this metric High (H) - Critical to organization Medium (M) - Important to organization Low (L) - Limited importance

Integrity Requirement (IR)

Importance of integrity to organization

Not Defined (X) - Skip this metric High (H) - Critical to organization Medium (M) - Important to organization Low (L) - Limited importance

Availability Requirement (AR)

Importance of availability to organization

Not Defined (X) - Skip this metric High (H) - Critical to organization Medium (M) - Important to organization Low (L) - Limited importance

CVSS Score Results

0.0

None

Configure metrics to calculate score

Score Breakdown

Base Score: 0.0

Temporal Score: 0.0

Environmental Score: 0.0

CVSS Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

CVSS Calculator Guide

How to Use This Calculator

1. Select Base Metrics: Configure the fundamental characteristics of the vulnerability using the dropdown menus above.
2. Add Temporal Metrics: Optionally adjust for current exploit availability and remediation status.
3. Set Environmental Metrics: Customize the score based on your organization's specific requirements.
4. Calculate: Click "Calculate Score" to get your CVSS score and detailed breakdown.

Understanding CVSS Scores

0.0

None

0.1-3.9

Low

4.0-6.9

Medium

7.0-8.9

High

9.0-10.0

Critical

Score Components

Base Score: Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.
Temporal Score: Reflects the characteristics of a vulnerability that change over time but not across user environments.
Environmental Score: Represents the characteristics of a vulnerability that are relevant and unique to a particular user's environment.

Key Features

✓ Real-time Calculation: Scores update automatically as you modify metrics
✓ Detailed Breakdown: See how each component contributes to the final score
✓ Vector String: Get the standard CVSS vector string for documentation
✓ Responsive Design: Works perfectly on desktop and mobile devices
✓ Professional Grade: Implements official CVSS v3.1 specification

Feature	Details
Price	Free
Rendering	Client-Side Rendering
Language	JavaScript
Paywall	No

Open This Tool

Checkout More Webmaster Tools!

Advertise here

About This Tool

How It Works?