appsec

335 readers

1 users here now

A community for all things related to application security.

founded 1 year ago

MODERATORS

laszlok@infosec.pub

Feedback open until 31 of August for CVSS 4.0 (www.first.org)

submitted 1 year ago by N7x@infosec.pub to c/appsec@infosec.pub

2 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] mwguy@infosec.pub 1 points 1 year ago (1 children)

I get why they're doing it. But the truth is that there are still places using CVSS 2.0 to grade their vulnerabilities. The switch to CVSS 4.0 is going to take forever unless there's some conversion logic from 3->4.

permalink
fedilink
source
hideshow 2 child comments

[–] N7x@infosec.pub 1 points 1 year ago

That's kind of legacy debt at some point. I understand why they still want to move towards evolving the standard

permalink
fedilink
source
parent