Entity Role Values

Describes the role an associated Context performs in the vulnerability scenario being described.

Values

  • Security Authority: See CVSS v3.1 Section 2.2 for a full description of security authorities.
    • Primary: Associated Context is the primary security authority of the vulnerability scenario.
    • Secondary: Associated Context is a secondary security Authority of the vulnerability scenario.
  • Component: See CVSS v3.0 Section 2.2 for a full description of security authorities.
    • Vulnerable: Associated Context is considered to contain the vulnerability.
    • Impacted: Associated Context is is where impacts of the vulnerability are realized. The Impacted Component may or may not be the Vulnerable Component.

Graph View

Entity Role Graph