Nipper InfraSight reports include a table that maps CVSS v3.1 Attack Vector against Attack Complexity:
This view helps prioritise vulnerabilities based on how an attack can be performed and how difficult it is to exploit. This article explains what each column and row in that table represents.
Attack Vector (Columns)
Attack Vector describes where the attacker must be located to exploit a vulnerability.
Attack Complexity (Rows)
Attack Complexity describes how difficult it is to successfully exploit the vulnerability.
Important Notes
-
“Not Defined” does not mean low risk. It only means the CVSS metric was not specified.