You are viewing a plain text version of this content. The canonical link for it is here.

Posted to infrastructure-issues@apache.org by "Demetrius Tsitrelis (JIRA)" <ji...@apache.org> on 2014/07/25 02:21:38 UTC

[jira] [Created] (INFRA-8096) Add a field for CVSS score

Demetrius Tsitrelis created INFRA-8096:
------------------------------------------

             Summary: Add a field for CVSS score
                 Key: INFRA-8096
                 URL: https://issues.apache.org/jira/browse/INFRA-8096
             Project: Infrastructure
          Issue Type: Bug
          Components: JIRA
            Reporter: Demetrius Tsitrelis


The CloudStack security team employs the Common Vulnerability Scoring System to rate the exploitability and impact of security bugs (https://cwiki.apache.org/confluence/display/CLOUDSTACK/Security+response+procedure).  This is a positive real number less than or equal to 10.  While the CVSS score could be placed into the issue description field, discussions with the team indicate that it would advantageous to have a distinct field so that bugs of various severity (or with no severity) could be filtered in queries.



--
This message was sent by Atlassian JIRA
(v6.2#6252)