The Common Vulnerability ScoringSystem (CVSS) is an initiative by several well-known companies to create a rating system for determining vulnerabilities in IT security.
This rating index establishes uniform, cross-platform benchmarks for the risk potential of discovered vulnerabilities. The evaluation incorporates not only external factors, but also criteria defined by the administrator.
The CVSS index defines mathematical schemes that administrators can customize to meet their needs. The CVSS rating is intended to make vulnerabilities comparable.
The definition of vulnerability is the threat to confidentiality, integrity and the availability of IT systems.