Episode 11: CV$$, Web Cache Deception, and SSTI
Critical Thinking - Bug Bounty Podcast
00:00
The Impact of Attack Complexity on Vulnerability Scores
Attack complexity is this metric meant to impact the vulnerability score based off of whether there is some condition outside of the attacker's control that needs to be in place. The exploitation scenarios for UUID idors are substantially less than, um, you know, innumerable IDors and a numeral IDid. One way that you could approach that is by setting attack complexity to high,. Your severity will take a hit for that for sure.
Transcript
Play full episode
