"CVSS 4.0 Released, to Help Assess Real-Time Threat and Impact of Vulnerabilities"
CVSS version 4.0 is the next generation of the Common Vulnerability Scoring System standard released by FIRST. In the interface between suppliers and consumers, CVSS provides a way to catch the principal characteristics of a security vulnerability and forms a score that reflects its technical severity to inform and guide businesses, service providers, government, and the general public. This latest version of CVSS 4.0 aims to provide the most accurate vulnerability assessment for the industry and the public. The program provides consumers with finer granularity in base metrics, eliminates downstream scoring ambiguity, simplifies threat metrics, improves the effectiveness of assessing environment-specific security requirements, and more. Several supplemental attributes for vulnerability assessment, including Automatable, Recovery, Value Density, Vulnerability Response Effort, and Provider Urgency, have also been added. This article continues to discuss the release of CVSS 4.0.