cvss-score
Syntax
cvss-score { greater-than value; less-than value; }
Hierarchy Level
[edit security idp dynamic-attack-group name filters]
Description
The Common Vulnerability Scoring System (CVSS) score of attack is a free and open industry standard for assessing the severity of computer system security vulnerabilities. CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threats.
Scores range from 0 to 10, with 10 being the most severe. While mostly CVSS base score is used for determining severity, temporal and environmental scores, to factor in availability of mitigations and how widespread vulnerable systems are within an organization.
The CVSS assessment measures three areas of concern:
Base Metrics for qualities intrinsic to a vulnerability.
Temporal Metrics for characteristics that evolve over the lifetime of vulnerability.
Environmental Metrics for vulnerabilities that depend on a particular implementation or environment.
A numerical score is generated for each of these metric groups.
Options
greater-than value | Match when CVSS score is greater than the value specified. The value is a real number and can include decimal values. For example, the value 5.5 is a valid CVSS score.
|
less-than value | Match when CVSS score is less than the value specified.
|
Required Privilege Level
security
Release Information
Statement introduced in Junos OS Release 18.2R1.