• @mwguy
    link
    English
    111 months ago

    I get why they’re doing it. But the truth is that there are still places using CVSS 2.0 to grade their vulnerabilities. The switch to CVSS 4.0 is going to take forever unless there’s some conversion logic from 3->4.

    • @N7xOP
      link
      English
      110 months ago

      That’s kind of legacy debt at some point. I understand why they still want to move towards evolving the standard