What does the Base - CVSS metric represent?

The Base metric within the Common Vulnerability Scoring System (CVSS) represents characteristics of a vulnerability that are consistent across different environments. This means that the Base metrics provide a stable and fundamental measurement of the properties of a vulnerability itself, independent of the context in which the vulnerability exists or is exploited.

This set of metrics typically includes factors such as the attack vector, attack complexity, privileges required, user interaction, scope, and the impact on confidentiality, integrity, and availability. These characteristics are designed to remain constant regardless of where or how the vulnerability is applied, making it possible for organizations to assess vulnerabilities uniformly.

Other choices refer to varying aspects, like changes over time or being specific to an environment, which do not align with the core purpose of Base metrics. The Base metrics aim specifically for stable assessment characteristics rather than those that vary with context or time.