Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVSS-SIG Version 2 History

Published

Author(s)

Peter M. Mell, Karen A. Scarfone, Gavin Reid

Abstract

This document attempts to interpret the history and rationale behind changes made in the Common Vulnerability Scoring System (CVSS) from version 1 to version 2 (referred to as CVSS v1 and v2 in this document.) This document contains multiple appendices that provide a historic record of the stages and subsequent rationale that led to the developed standard; however, it is not intended as a CVSS user guide. For detailed how-to information, please see the complete CVSS Guide.
Citation
FIRST

Keywords

Security metrics, vulnerabilities, vulnerability scoring

Citation

Mell, P. , Scarfone, K. and Reid, G. (2007), CVSS-SIG Version 2 History, FIRST, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=51199, http://www.first.org/cvss/history.html (Accessed December 8, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created July 30, 2007, Updated February 19, 2017