CVSS 3.1 Calculator

Score vulnerabilities using the CVSS 3.1 base metrics. Parse vector strings, compare scores side-by-side, and copy as markdown for reports.

X LinkedIn Reddit

Vulnerability Presets

9.8

Base

CriticalCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AVAttack Vector

ACAttack Complexity

PRPrivileges Required

UIUser Interaction

SScope

CConfidentiality

IIntegrity

AAvailability

Remediation Advisor— how to lower the score

1Require high privileges-2.6→ 7.2

2Add attack complexity (multi-factor auth, rate limiting)-1.7→ 8.1

3Require local access (no remote exploitation)-1.4→ 8.4

4Restrict to adjacent network (firewall/segmentation)-1.0→ 8.8

5Require authentication (low privileges)-1.0→ 8.8

About CVSS 3.1

The Common Vulnerability Scoring System (CVSS) is an industry standard for assessing the severity of security vulnerabilities. The base score ranges from 0.0 to 10.0, calculated from 8 metrics covering exploitability and impact. Temporal metrics adjust based on exploit maturity and remediation status. Environmental metrics customize the score for your specific deployment context.

All three metric groups (Base, Temporal, Environmental) are now supported

Related Tools

Pentest Findings Documenter

Document vulnerabilities and export pentest reports.

OWASP Top 10 Checklist

Generate custom OWASP Top 10 test checklists by stack.

Attack Chain Builder

Build and visualize multi-step attack chains.

Security Header Scanner

Scan any URL for missing security headers with A+ to F grade.

$loading...