Share with friends and colleagues on social media

After our announcement back in January this year, and a transition phase where we scored both version 2 and version 3, we will finally switch entirely to the Common Vulnerability Scoring System (CVSS) version 3.0 for vulnerability assessment with the beginning of 2018.

CVSS Logo

Customers who automatically check our v2 scoring will no longer see any values for new emerging security incidents starting in the first week of January 2018. However switching to the v3 scoring is really simple if you only check the base metrics score, as this is still a numerical result between 0.0 and 10.0.

With the switch to the new scoring system we will provide SUSE Linux Enterprise Live Patching for all kernel issues rated “High” or “Critical” (CVSS v3 score >= 7.0).

CVSS scores are only a simple representation of security vulnerabilities that allow stakeholders to act quickly on new emerging threats. This should not replace a closer look if a system is really vulnerable or not.

For more background details about CVSS v3, please revisit our blog post from January 2017.


Share with friends and colleagues on social media
Tags: , , , , ,
Category: Enterprise Linux, SUSE Linux Enterprise, SUSE Linux Enterprise Desktop, SUSE Linux Enterprise Live Patching, SUSE Linux Enterprise Server, Technical Solutions
This entry was posted Friday, 22 December, 2017 at 3:37 am
You can follow any responses to this entry via RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *

No comments yet