Severity

Severity is a categorization of the risk and urgency of a vulnerability.

For more information, see CVSS Scores vs. VPR.

CVSS-Based Severity

When you view vulnerabilities in scan results, Nessus displays severity based on CVSSv2 scores or CVSSv3 scores, depending on your configuration.

  • You can choose whether Nessus calculates the severity of vulnerabilities using CVSSv2 or CVSSv3 scores by configuring your default severity base setting. For more information, see Configure Your Default Severity Base.

  • You can also configure individual scans to use a particular severity base, which overrides the default severity base for those scan results. For more information, see Configure Severity Base for an Individual Scan.

VPR

You can also view the top 10 vulnerabilities by VPR threat. For more information, see View VPR Top Threats.