What does the Base CVSS ranking metric denote?

The Base CVSS (Common Vulnerability Scoring System) ranking metric is designed to convey the unique characteristics of a vulnerability that are intrinsic to it, and that do not change over time or in different environments. This score provides a standardized way to understand the severity of vulnerabilities based on their exploitability and the impact they may have on impacted systems.

When evaluating a vulnerability using the Base CVSS metric, characteristics such as access complexity, attack vector, and impact on confidentiality, integrity, and availability are assessed. These aspects are crucial for organizations to prioritize their response to vulnerabilities based on the inherent risks they pose, regardless of external factors like a specific environment or time of release. This intrinsic nature of the Base score enables consistent vulnerability assessments across diverse platforms and contexts.