Reply To: Is Patch Prioritization Based on CVSS Scores Alone Misleading?

[Srivatsa]

Let’s not forget that CVSS includes metrics like exploitability. It’s not just about severity; it gives an indication of how easy a vulnerability is to exploit. That’s a critical factor for prioritization.