An analysis of CVSS version 2 vulnerability scoring
作者: Karen Scarfone , Peter Mell
DOI: 10.1109/ESEM.2009.5314220
关键词: Software metric 、 Data mining 、 Risk analysis (engineering) 、 Vulnerability 、 CVSS 、 Computer science
摘要: … Finalized in 2007, CVSS version 2 was designed to address deficiencies found during analysis and use of the original CVSS version. This paper analyzes how effectively CVSS version …
acm.org 
sci-hub.se 参考文章(3)
Peter Mell, Karen Scarfone, None, Improving the Common Vulnerability Scoring System Iet Information Security. ,vol. 1, pp. 119- 127 ,(2007) , 10.1049/IET-IFS:20060055
Peter Mell, Karen Scarfone, Sasha Romanosky, Common Vulnerability Scoring System ieee symposium on security and privacy. ,vol. 4, pp. 85- 89 ,(2006) , 10.1109/MSP.2006.145
Karen Scarfone, David Waltermire, Stephen D. Quinn, Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.2: Recommendations of the National Institute of Standards and Technology Information Technology Laboratory (National Institute of Standards and Technology). Computer Security Division. ,(2011)