Popularity:

The frequency with which we estimate the attack takes place in the wild. Directly correlates with the Simplicity fi eld: 1 is the most rare, 10 is used a lot.

Simplicity:

The degree of skill necessary to execute the attack: 10 is using a widespread point-and-click tool or an equivalent, 1 is writing a new exploit yourself. The values around 5 are likely to indicate a diffi cult-to-use available command-line tool that requires knowledge of the target system or protocol by the attacker.

Impact:

The potential damage caused by successful attack execution. Usually varies from 1 to 10: 1 is disclosing some trivial information about the device or network, 10 is getting enable on the box or being able to redirect, sniff, and modify network traffic.

Risk Rating:

This value is obtained by averaging the three previous values.