Vulnerability Risk Score Calculator (CVSS-based)

ANA›Life Services Authority›National Calculator Authority›Vulnerability Risk Score Calculator (CVSS-based)

.calc-container { max-width: 640px; margin: 2rem 0; padding: 1.5rem; background: #fff; border: 1px solid #ddd; border-radius: 8px; box-shadow: 0 1px 3px rgba(0,0,0,0.06); font-family: system-ui, -apple-system, sans-serif; } .calc-container h3 { font-family: Georgia, serif; font-size: 1.15rem; color: #1a1a1a; margin-bottom: 1rem; padding-bottom: 0.5rem; border-bottom: 2px solid var(--ac, #3d5a80); } .calc-row { display: flex; align-items: center; gap: 0.75rem; margin-bottom: 0.75rem; flex-wrap: wrap; } .calc-row label { min-width: 160px; font-size: 0.9rem; color: #333; font-weight: 500; } .calc-row input[type="number"], .calc-row select { flex: 1; min-width: 120px; max-width: 200px; padding: 0.5rem 0.6rem; border: 1px solid #ccc; border-radius: 4px; font-size: 0.9rem; font-family: system-ui, sans-serif; color: #1a1a1a; background: #fafaf8; } .calc-row input:focus, .calc-row select:focus { outline: none; border-color: var(--ac, #3d5a80); box-shadow: 0 0 0 2px rgba(26,74,138,0.12); } .calc-row .unit { font-size: 0.82rem; color: #888; min-width: 30px; } .calc-btn { display: inline-block; margin-top: 0.5rem; padding: 0.55rem 1.5rem; background: var(--ac, #3d5a80); color: #fff; border: none; border-radius: 4px; font-size: 0.9rem; font-weight: 600; cursor: pointer; font-family: system-ui, sans-serif; } .calc-btn:hover { opacity: 0.9; } .calc-result { margin-top: 1.25rem; padding: 1rem 1.25rem; background: #f0f6fc; border-left: 3px solid var(--ac, #3d5a80); border-radius: 0 6px 6px 0; display: none; } .calc-result.visible { display: block; } .calc-result-label { font-size: 0.78rem; text-transform: uppercase; letter-spacing: 0.06em; color: #666; margin-bottom: 0.25rem; } .calc-result-value { font-size: 1.6rem; font-weight: 700; color: var(--ac, #3d5a80); } .calc-result-detail { font-size: 0.85rem; color: #555; margin-top: 0.5rem; line-height: 1.5; } .calc-note { margin-top: 1rem; font-size: 0.8rem; color: #888; font-style: italic; } .calc-grid { display: grid; grid-template-columns: 1fr 1fr; gap: 0.75rem; margin-top: 0.75rem; } .calc-grid-item { padding: 0.6rem 0.8rem; background: #f8f9fa; border-radius: 4px; border: 1px solid #eee; } .calc-grid-item .label { font-size: 0.75rem; color: #888; text-transform: uppercase; letter-spacing: 0.04em; } .calc-grid-item .value { font-size: 1.1rem; font-weight: 600; color: #1a1a1a; } @media (max-width: 720px) { .calc-row { flex-direction: column; align-items: flex-start; gap: 0.3rem; } .calc-row label { min-width: auto; } .calc-row input[type="number"], .calc-row select { max-width: 100%; width: 100%; } .calc-grid { grid-template-columns: 1fr; } } .calc-chart { margin: 1rem 0; text-align: center; } .calc-chart svg { max-width: 100%; height: auto; } .calc-chart-legend { display: flex; flex-wrap: wrap; justify-content: center; gap: 0.6rem 1.2rem; margin-top: 0.6rem; font-size: 0.8rem; color: #555; } .calc-chart-legend span { display: inline-flex; align-items: center; gap: 0.3rem; } .calc-chart-legend i { display: inline-block; width: 10px; height: 10px; border-radius: 2px; font-style: normal; } .calc-related { max-width: 640px; margin: 2rem 0 1rem; padding: 1.25rem 1.5rem; background: #f8f9fa; border: 1px solid #e8e8e8; border-radius: 8px; } .calc-related h3 { font-family: Georgia, serif; font-size: 1rem; color: #1a1a1a; margin: 0 0 0.75rem; padding-bottom: 0.4rem; border-bottom: 2px solid var(--ac, #3d5a80); } .calc-related-list { list-style: none; padding: 0; margin: 0 0 0.75rem; display: grid; grid-template-columns: 1fr 1fr; gap: 0.4rem 1.5rem; } .calc-related-list li a { font-size: 0.88rem; color: var(--ac, #3d5a80); text-decoration: none; } .calc-related-list li a:hover { text-decoration: underline; } .calc-browse-all { margin: 0.5rem 0 0; font-size: 0.9rem; font-weight: 600; } .calc-browse-all a { color: var(--ac, #3d5a80); text-decoration: none; } .calc-browse-all a:hover { text-decoration: underline; } @media (max-width: 720px) { .calc-related-list { grid-template-columns: 1fr; } }

Vulnerability Risk Score Calculator (CVSS-based)

Calculate the CVSS v3.1 Base Score for a vulnerability by selecting the appropriate metric values. The score ranges from 0.0 (None) to 10.0 (Critical) and reflects the intrinsic characteristics of a vulnerability.

Attack Vector (AV)

Network (N) — Remotely exploitable Adjacent (A) — Adjacent network required Local (L) — Local access required Physical (P) — Physical access required

Attack Complexity (AC)

Low (L) — No special conditions High (H) — Special conditions required

Privileges Required (PR)

None (N) — No privileges needed Low (L) — Basic user privileges High (H) — Admin/root privileges

User Interaction (UI)

None (N) — No user interaction needed Required (R) — User must take action

Scope (S)

Unchanged (U) — Impact limited to vulnerable component Changed (C) — Impact extends beyond vulnerable component

Impact Metrics

Confidentiality Impact (C)

None (N) Low (L) High (H)

Integrity Impact (I)

None (N) Low (L) High (H)

Availability Impact (A)

None (N) Low (L) High (H)

Calculate CVSS Score Select metrics above and click Calculate.

function vulCalc() { var resultDiv = document.getElementById('vul-result');

// Parse metric values var AV = parseFloat(document.getElementById('vul-av').value); var AC = parseFloat(document.getElementById('vul-ac').value); var prVal = document.getElementById('vul-pr').value; var UI = parseFloat(document.getElementById('vul-ui').value); var scopeVal = document.getElementById('vul-scope').value; var CI = parseFloat(document.getElementById('vul-ci').value); var II = parseFloat(document.getElementById('vul-ii').value); var AI = parseFloat(document.getElementById('vul-ai').value);

// Privileges Required depends on Scope var PR; if (prVal === 'none') { PR = 0.85; } else if (prVal === 'low') { PR = (scopeVal === 'changed') ? 0.50 : 0.62; } else { // high PR = (scopeVal === 'changed') ? 0.50 : 0.27; }

// Exploitability sub-score var exploitability = 8.22 * AV * AC * PR * UI;

// Impact sub-score var ISCBase = 1 - (1 - CI) * (1 - II) * (1 - AI);

var ISC; if (scopeVal === 'unchanged') { ISC = 6.42 * ISCBase; } else { ISC = 7.52 * (ISCBase - 0.029) - 3.25 * Math.pow(ISCBase - 0.02, 15); }

// If no impact, score is 0 if (ISC ⚠ ' + 'CVSS Base Score: 0.0 — None' + 'No impact metrics selected; score is 0.0 by definition.'; return; }

// Base Score (before rounding) var rawScore; if (scopeVal === 'unchanged') { rawScore = Math.min(ISC + exploitability, 10); } else { rawScore = Math.min(1.08 * (ISC + exploitability), 10); }

// CVSS rounding: roundup to nearest 0.1 var score = Math.ceil(rawScore * 10) / 10;

// Severity rating var severity, color; if (score === 0.0) { severity = 'None'; color = '#718096'; } else if (score ' + score.toFixed(1) + ' — ' + severity + '' + '' + vector + '' + '' + 'Exploitability: ' + exploitability.toFixed(3) + '' + 'Impact (ISC): ' + ISC.toFixed(3) + '' + 'ISCBase: ' + ISCBase.toFixed(3) + '' + '' + '' + 'Scope: ' + (scopeVal === 'unchanged' ? 'Unchanged — Base = min(ISC + Exploitability, 10)' : 'Changed — Base = min(1.08 × (ISC + Exploitability), 10)') + ''; }

#### Formula — CVSS v3.1 Base Score

Step 1 — Exploitability: Exploitability = 8.22 × AV × AC × PR × UI

Step 2 — Impact Sub-Score Base: ISCBase = 1 − (1 − C) × (1 − I) × (1 − A)

Step 3 — Impact Sub-Score (ISC): If Scope = Unchanged: ISC = 6.42 × ISCBase If Scope = Changed: ISC = 7.52 × (ISCBase − 0.029) − 3.25 × (ISCBase − 0.02)¹⁵

Step 4 — Base Score: If ISC ≤ 0: Base Score = 0.0 If Scope = Unchanged: Base Score = Roundup(min(ISC + Exploitability, 10)) If Scope = Changed: Base Score = Roundup(min(1.08 × (ISC + Exploitability), 10))

Roundup rounds up to the nearest 0.1 (ceiling at one decimal place).

Severity Ratings: None (0.0) | Low (0.1–3.9) | Medium (4.0–6.9) | High (7.0–8.9) | Critical (9.0–10.0)

Privileges Required (PR) — Scope-adjusted values: None: 0.85 (any scope) | Low: 0.62 (Unchanged), 0.50 (Changed) | High: 0.27 (Unchanged), 0.50 (Changed)

#### Assumptions & References

• Implements CVSS v3.1 Base Score specification exactly as published by FIRST.
• Reference: CVSS v3.1 Specification Document, FIRST.Org, Inc. (https://www.first.org/cvss/v3.1/specification-document)
• Reference: NVD CVSS Calculator — National Vulnerability Database (https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator)

More Calculators

• HVAC Replacement Cost Estimator for Utah Homes
• HVAC Equipment Replacement Cost Estimator — Estimate replacement costs based on WV labor rates and system type
• West Virginia HVAC Contractor License Requirements Checker — Verify continuing education and bonding requirements by WV license class
• West Virginia Heating Degree Days Calculator — Estimate seasonal heating demand based on WV regional climate data
• Humidity and Ventilation Load Calculator — Account for WV's variable humidity levels in HVAC system sizing
• Insulation R-Value Calculator

Read Next

West Virginia Hvac Contractor License Requirements Checker Verify Continuing Education And Bonding Requirements By Wv License Class ANA › Life Services Authority › National Calculator Authority › West Virginia HVAC Contractor License Requirements Checker —...

Study Time Planner ANA › Life Services Authority › National Calculator Authority › Study Time Planner .calc-container { max-width: 640px; margin:...

References

• ANA
• Life Services Authority