CERTCC / SSVC

Stakeholder-Specific Vulnerability Categorization
https://certcc.github.io/SSVC/

Model CVSSv4 macrovectors as an SSVC tree #329

Open ahouseholder opened 1 year ago

ahouseholder commented 1 year ago

CVSS v4 uses the concept of macrovectors. I'm not going to explain that here; check out the CVSS v4 spec for that.

It might be interesting to use SSVC to construct a model of CVSSv4 macrovectors -> CVSSv4 categories (Low, Medium, High, Critical) for demonstration purposes.

sei-vsarvepalli commented 1 year ago

Here is the JSON representation of the CVSSv4 as a Decision Tree - we can save it for later. CVSS_v4_as_Tree_json.txt

j--- commented 11 months ago

We definitely arranged the equivalency sets in a decision tree. However, the process for community voting on assigning relative ranking (and therefore the labels 0.1 to 10.0) is probably more interesting than the fact that the equivalence sets are arranged into a decision tree.

Is there anything else to do for this? I don't see any further concrete value add.

ahouseholder commented 11 months ago

> Is there anything else to do for this? I don't see any further concrete value add.

Yeah, I want this to exist in Python because I want to be able to do things with it like use some of the other tooling I'm building on it.