the exploit must be from remote, easy to implement, does not require authentication, the impact must be complete confidential&integrity&availability, the damage must be catastrophic & very vulnerable, for a system that requires high confidential&integrity&availability...
you can try it yourself:
http://nvd.nist.gov/cvss.cfm?calculator&version=2
it's not easy to get perfect 10 score...
No comments:
Post a Comment