ABSTRACT
Weaknesses are flaws or limitations which an attacker can take advantage of to impact the security of a system. These flaws can enable an attacker to gain illegitimate access to sensitive information, bypass security checks, prevent legitimate use, or cause a wide variety of other security issues. The goal of mitigation should be to limit weak points to an acceptable level for safe operation of the service, not to try and eliminate it altogether. A vulnerability is a specific instance of a weakness found within software or within a system. The common vulnerability scoring system measures the risk and potential impact a vulnerability can have on a system based on the severity of the vulnerability to the system’s security, the maturity of known exploit code for the vulnerability, and the impact that successful exploitation would have on the organization’s overall security. The result is a score from 0 to 10 with a higher score indicating a more severe vulnerability.
