Vulnerability Severity: Bitsight Severity & CVSS Ingrid Some vulnerabilities are more critical than others. They carry a greater weight than less critical vulnerabilities that are observed over the same time period.Criticality is summarized by Bitsight severity. Bitsight severity is based on the Common Vulnerability Scoring System (CVSS), a scoring system that uses various properties of the vulnerability for determining its level of severity. Bitsight uses CVSS v.3.0 for scoring in the platform. Bitsight Severity: Minor Slug name: minor CVSS: 0.0 - 3.9 Bitsight Severity: Moderate Slug name: moderate CVSS: 4.0 - 6.9 Bitsight Severity: Material Slug name: material CVSS: 7.0 - 8.9 Bitsight Severity: Severe Slug name: severe CVSS: 9.0 - 10.0 October 18, 2024: Updated title to cover both Bitsight severity and CVSS scales. August 20, 2024: Embedded associated icons. January 13, 2021: Published. Related articles What is a Bitsight Security Rating? How are Bitsight Security Ratings Calculated Within Parent-Subsidiary Relationships? How is the Web Application Headers Risk Vector Assessed? Web Application Header Finding Grades Finding Behavior Feedback 0 comments Please sign in to leave a comment.