CVSS-SIG Version 2 History

Peter M. Mell; Karen A. Scarfone; Gavin Reid

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

CVSS-SIG Version 2 History

Published

July 30, 2007

Author(s)

Peter M. Mell, Karen A. Scarfone, Gavin Reid

Abstract

This document attempts to interpret the history and rationale behind changes made in the Common Vulnerability Scoring System (CVSS) from version 1 to version 2 (referred to as CVSS v1 and v2 in this document.) This document contains multiple appendices that provide a historic record of the stages and subsequent rationale that led to the developed standard; however, it is not intended as a CVSS user guide. For detailed how-to information, please see the complete CVSS Guide.

Citation

FIRST

Pub Weblink

http://www.first.org/cvss/history.html

Pub Type

Websites

Download Paper

Local Download

Keywords

Security metrics, vulnerabilities, vulnerability scoring

Cybersecurity

Citation

Mell, P. , Scarfone, K. and Reid, G. (2007), CVSS-SIG Version 2 History, FIRST, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=51199, http://www.first.org/cvss/history.html (Accessed May 4, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created July 30, 2007, Updated February 19, 2017

CVSS-SIG Version 2 History

Author(s)

Abstract

Download Paper

Keywords

Citation

Additional citation formats

Issues