Setting the Common Vulnerability Scoring System (CVSS) Version
Code Insight can be configured to use either CVSS v2.0 or CVSS v3.x (3.1 and 3.0) for security vulnerability CVSS scores and severities. Initially, the system defaults to CVSS v2.0.
Switching between CVSS versions will affect CVSS scores and severity values for vulnerabilities, as displayed in the Web user interface (see “Security Vulnerabilities Associated with Inventory” in the Code Insight User Guide). The change also has an impact on policies based on CVSS scores and vulnerability severities (see “Managing Policies” in the Code Insight User Guide).
Refer to the following topics for more information about setting the CVSS version: