CVSS Scores in Nessus Plugins
For over a year now, Tenable has been including CVSS base scores in the plugins we write for Nessus as well as Passive Vulnerability Scanner (PVS) to give our customers an objective way to assess the risk of flaws those plugins test for. We've been calculating these scores in-house during the course of investigating vulnerabilities and how to test for them. Until recently, our efforts have been largely independent of NIST's own work in this area.
Since early November, though, Tenable has been using the CVSS scores that NIST calculates and includes in its National Vulnerability Database. We still calculate our own scores initially, as our plugins are often released at the same time -- or even slightly before -- CVE ids are issued. But a daily synchronization process reports differences and updates the plugins as necessary.
Tenable One
Request a demo
The world’s leading AI-powered exposure management platform.
Thank You
Thank you for your interest in Tenable One.
A representative will be in touch soon.
Form ID: 7469
Form Name: one-eval
Form Class: c-form form-panel__global-form c-form--mkto js-mkto-no-css js-form-hanging-label c-form--hide-comments
Form Wrapper ID: one-eval-form-wrapper
Confirmation Class: one-eval-confirmform-modal
Simulate Success