Vulnerabilities Checklists Product Dictionary Impact Metrics Data Feeds Statistics
Home ISAP/SCAP SCAP Validated Tools SCAP Events About Contact Vendor Comments
CVSS Scoring Page (CVE-2006-4335)
This page shows the components of the CVSS score for CVE-2006-4335 and allows you to refine the CVSS base score. Please read the CVSS standards guide to fully understand how to score CVSS vulnerabilities and to interpret CVSS scores. The scores are computed in sequence such that the Base Score is used to calculate the Temporal Score and the Temporal Score is used to calculate the Environmental Score. A concise form of this page is available to CVSS experts.
Reset Scores
CVSS Base Score
  4.7
CVSS Temporal Score
  Undefined
CVSS Environmental Score
  Undefined
Overall CVSS Score
  4.7
Base Score Metrics

These metrics describe inherent characteristics of the vulnerability. These scores have already been calculated for this vulnerability.

Exploitability Metrics

Related exploit range
(AccessVector)
Attack complexity
(AccessComplexity)
Level of authentication needed
(Authentication)

Impact Metrics

Confidentiality impact
(ConfImpact)
Integrity impact
(IntegImpact)
Availability impact
(AvailImpact)
Impact value weighting
(ImpactBias)









Environmental Score Metrics

This section addresses metrics that describe the effect of a vulnerability within an organization's environment. These metrics must calculated separately for each organization.

Organization specific potential for loss
(CollateralDamagePotential)
Percentage of vulnerable systems
(TargetDistribution)
Temporal Score Metrics

These metrics describe elements about the vulnerability that change over time. If all of these values are left as 'Undefined', the environmental score will be based on the base score.

Availability of exploit
(Exploitability)
Type of fix available
(RemediationLevel)
Level of verification that vulnerability exists
(ReportConfidence)

Disclaimer Notice & Privacy Statement / Security Notice

Send comments or suggestions to nvd@nist.gov

NIST Computer Security Resource Center (CSRC)

NIST is an Agency of the U.S. Commerce Department

Full vulnerability listing