How do i Identify CVE score of the victim's vulnerability?

To identify the CVE (Common Vulnerabilities and Exposures) score of a vulnerability, follow these steps:

• Find the CVE Identifier: Determine the CVE ID associated with the vulnerability from security reports or advisories.

• Use the CVE Database: Visit the National Vulnerability Database (NVD) or the MITRE CVE database and search for the CVE ID.

• Check CVSS Score: The CVE entry will include a CVSS (Common Vulnerability Scoring System) score, which quantifies the severity of the vulnerability. This score ranges from 0.0 to 10.0, indicating the potential impact.

• Review Details: Analyze the CVSS metrics to understand how the score was derived and what factors contribute to the severity assessment.

This process helps assess the risk and prioritize remediation efforts effectively.

Akto tags API vulnerabilities with relevant CVEs during API security testing. Akto also maintains a comprehensive CVE Vulnerability and Exploit Database.