CVE impact score

The CVE impact score enables you to identify the CVEs in your environment with the biggest impact on your company's Risk Index. Attack Surface Risk Management calculates a different impact score for each affected asset as well as an impact score for the individual CVE. CVE impact scores are unique to your assets and environment. Scores are calculated based on affected asset criticality, impact scope, global exploit potential, and number of exploit attempts detected.

CVE impact scores are organized into high, medium, and low impact.

• High impact score: Scores from 70 to 100
• Medium impact score: Scores from 31 to 69
• Low impact score: Scores from 0 to 30

CVEs with low impact scores only display if you have a third-party vulnerability assessment tool connected to Trend Vision One, have enabled full CVE assessment in Cloud Accounts, or have configured internal asset CVE coverage to assess for all CVEs.

The CVE impact score displayed in the Detected Vulnerabilities table represents only the highest score among all affected assets. Click the number in the Impact scope column to view the latest score for each affected asset.