Home » Features » <a href="/vulnerability-management/features.html">Features</a> » How to Use CVSS Scores and Beyond to Rank Vulnerabilities by Risk

How to Use CVSS Scores and Beyond to Rank Vulnerabilities by Risk

Key Points
Need for CVSS Scores: Explains why relying on raw vulnerability counts is ineffective and why prioritization based on CVSS and contextual factors is essential.
What is CVSS Based Vulnerability Ranking: Describes how Vulnerability Manager Plus interprets CVSS severity and additional indicators such as exploit status, age and patch availability to form actionable priority lists.
Quick Setup: Provides step by step guidance for using the Software Vulnerabilities view, risk filters, CVE search and age based prioritization features to build ranked remediation queues.

Introduction

Large IT environments generate continuous streams of vulnerability data, but not every issue presents the same level of risk. Prioritizing by CVSS alone is not enough without considering exploitability and exposure. Vulnerability Manager Plus helps convert CVSS scoring and additional context into practical remediation order so teams can focus on the most impactful fixes first.

Close security gaps before they’re exploited!

Secure your devices

What is CVSS Based Vulnerability Ranking?

CVSS based vulnerability ranking in Vulnerability Manager Plus is the practice of ordering vulnerabilities based on their severity score along with complementary risk factors. The platform combines CVSS levels with exploit status, published age, discovered age, patch availability and zero day relevance. These combined attributes allow you to refine thousands of findings into a focused list of vulnerabilities that deserve immediate attention.

Quick Setup

Use these steps to start ranking vulnerabilities by CVSS and related context within the Vulnerability Manager Plus console.

Step 1: Access detected vulnerabilities

  1. Sign in to the Vulnerability Manager Plus console.
  2. Go to Threats and select Software Vulnerabilities.
  3. Review the list of all vulnerabilities detected across managed devices.

This view forms the baseline from which CVSS and risk filters can be applied.

Step 2: Apply CVSS and risk based filters

  1. Open Filters within the Software Vulnerabilities view.
  2. Filter by Severity, choosing from Low, Moderate, Important or Critical.
  3. Filter by Exploit Status to highlight vulnerabilities with known exploit code.
  4. Filter by Patch Availability to bring quick fix opportunities to the top.
  5. Apply CVSS score based filtering options to prioritize vulnerabilities numerically.

These filtering mechanisms help you narrow findings to those with the highest risk indicators.

For deeper reference, see the Vulnerability Assessment and Prioritization guide.

Step 3: Identify priority issues using CVE search

  • In ThreatsSoftware Vulnerabilities, use Search by CVE ID.
  • Enter high profile or externally mandated CVEs to quickly filter the list.
  • Select affected entries to proceed with remediation.

This step is essential when responding to regulatory bulletins or targeted security advisories.

Step 4: Prioritize using the Vulnerability Age Matrix

  1. In the console, go to Dashboard → HomeVulnerability Age Matrix.
  2. View how vulnerabilities are grouped by both severity and age.
  3. Choose whether to calculate age by published date or discovered date.
  4. Select any cell representing older or long standing high severity issues.
  5. Review the resulting list and move those vulnerabilities to the top of your remediation plan.

This allows teams to identify older vulnerabilities that remain unaddressed and may carry higher risk.

Start your 30-day free trial and protect unlimited endpoints with end to end vulnerability scanning, prioritization, and mitigation.