Skip to content

Risk Ratings

Each vulnerability has a risk rating assigned. The following is a description of the different categories.

  • High, Medium, Low: confirmed vulnerabilities with a different score that considers the impact and complexity.
  • Hardening: absence of hardening measures that can prevent and mitigate the impact of certain vulnerabilities.
  • Potentially: non-confirmed vulnerabilities that may depend on context and usage.
  • Secure: applies to vulnerabilities and hardening mechanisms, this indicates that tests confirm the absence of the vulnerability, or the implementation of the security measure.
  • Important, Info: Informative findings that can help with manual assessment, understanding of application behavior or confirming certain aspects of the application, like using a certificate to sign the application.

Risk Ratings