RedHatProductSecurity / cvss-v4-calculator

CVSS v4.0 calculator
https://redhatproductsecurity.github.io/cvss-v4-calculator/
BSD 2-Clause "Simplified" License

Show macro vector in a more transparent way #11

Closed skontar closed 1 year ago

skontar commented 1 year ago

We like that you show the macro vector when hovering the mouse over the score. As you know, each of the six digits in the macro vector corresponds to one of the six equivalency sets. These six equivalency sets are really aggregate metrics with the names ‘exploitability’, ‘complexity’, ‘vulnerable system’, ‘subsequent system’, ‘exploitation’, and ‘security requirements’ respectively.

Would it be possible to show the value of each of these six metrics below the score? The value of the digits won’t be meaningful to people (especially since lower values are more severe). Thus, I’d map value 0 -> ‘High’, value 1 -> ‘Medium’, and value 2 -> ‘Low’. Note how I’m assuming you made the correction for equivalency set 3 per IMPROVEMENT 3 here. For example, I’m envisioning something like what I've typed below. We might ultimately want this to be displayed optionally (e.g., with a +/- sign toggle) but we can work on the best UI design later.

CVSS v4.0 Score 8.3 / High
Exploitability: High
Complexity: High
Vulnerable system: Medium
Subsequent system: Low
Exploitation: High
Security requirements: Medium