Severity

The Severity of vulnerability refers to the level of impact an attack could have if the vulnerability were exploited. There are four levels of impact:

Critical
A vulnerability, which if exploited, would allow remote execution of malicious code without user action.

Important
A vulnerability, which if exploited, would directly impact the confidentiality, integrity or availability of user’s data or processing resources.

Moderate
A vulnerability where exploitation is mitigated by factors such as difficulty to exploit, default configuration or ease of identification.

Low
A vulnerability where scope and impact of exploitation is restricted and the ability to exploit is extremely difficult.