The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes.
CVSS is a published standard used by organizations worldwide, and the SIG's mission is to continue to improve it.
Read the full SIG charter at https://www.first.org/cvss/
