From the course: Vulnerability Management: Assessing the Risks with CVSS v3.1
Join today to access over 24,800 courses taught by industry experts.
User interaction and vulnerability risk
From the course: Vulnerability Management: Assessing the Risks with CVSS v3.1
User interaction and vulnerability risk
- [Instructor] User interaction represented by UI and the vector string describes how much help an attacker needs from a human user in order to successfully exploit a vulnerability. User Interaction only has two possible values, none and required. And none is the highest risk. With none, an attacker can successfully exploit a system without any assistance. That means it's more likely than an attack will be successful. If user interaction is required, that means that a successful attack depends on a human user doing something. This may involve social engineering to get a person to click on a link or install something on the system. Because it depends on that extra step this is a lower risk.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
(Locked)
The CVSS base metric group2m 28s
-
(Locked)
The attack vector metric2m 47s
-
(Locked)
How attack complexity affects risk1m 10s
-
(Locked)
The effects of the privileges required metric on risk1m 15s
-
(Locked)
User interaction and vulnerability risk47s
-
(Locked)
Confidentiality, integrity, and availability impact metrics3m 37s
-
(Locked)
Security scope in CVSS1m 29s
-
(Locked)
Challenge1m 43s
-
(Locked)
Solution2m 32s
-
(Locked)
-
-
-
-