Skip to content

Risk Rating

Each vulnerability has a risk rating assigned. The following is a description of the different categories.

1. Critical

Critical vulnerabilities pose a severe threat to the system's security. Exploitation of these vulnerabilities could lead to significant damage, leakage of sensitive data, or complete system compromise.

2. High, Medium and Low

High, Medium and Low vulnerabilities are confirmed vulnerabilities with a different score that considers the impact and complexity.

3. Hardening

The hardening findings highlights the absence of security measures that could prevent or mitigate the impact of certain vulnerabilities. This indicates a need for implementing security measures to enhance the overall security of the system.

4. Potentially

Potentially findings are non-confirmed vulnerabilities that may depend on context and usage.

5. Secure

The secure findings indicates that tests confirm the absence of the vulnerability or the successful implementation of security measures.

6. Important, Info

Important and Info are Informative findings that can help with manual assessment, understanding of application behavior or confirming certain aspects of the application, like using a certificate to sign the application.