This is an early access version, the complete PDF, HTML, and XML versions will be available soon.
Article

Automatic CVSS-Based Vulnerability Prioritization and Response with Context Information and Machine Learning

Faculty of Information and Communication Technology, Wrocław University of Science and Technology, Wyb. Wyspianskiego 27, 50-370 Wroclaw, Poland
*
Author to whom correspondence should be addressed.
These authors contributed equally to this work.
Appl. Sci. 2025, 15(16), 8787; https://doi.org/10.3390/app15168787
Submission received: 26 May 2025 / Revised: 26 July 2025 / Accepted: 29 July 2025 / Published: 8 August 2025

Abstract

In the context of vulnerability management for data communication networks, determining which vulnerabilities to address first is of paramount importance. While identifying vulnerabilities using network scanners is relatively straightforward, efficiently prioritizing them for mitigation remains a significant challenge. Previously, our team developed a machine learning-based converter to translate CVSS v2.0 base scores into CVSS v3.x base scores, specifically to enable the use of the CVSS v3.x environmental score. The central question of this research is whether leveraging these converter-enabled CVSS v3.x environmental scores leads to a measurably improved vulnerability prioritization process compared to traditional methods, often reliant solely on CVSS v2.0 base scores. The environmental score potentially offers a more refined, context-specific perspective on vulnerability impact within specific systems. To evaluate this approach, we will test the converter’s performance in real-world environments and assess its impact on network administrator decision-making and workflows. Performance improvement will be measured by analyzing changes in mitigation times, potential threat exposure reduction, and overall vulnerability management efficiency. The ultimate goal is to determine if the proposed machine learning-based methodology delivers practical benefits, enhancing organizational security through more accurate and effective vulnerability prioritization. Experimental results demonstrate that CVSS v3.x environmental scoring resolves critical v2.0 imprecision issues, enabling more accurate vulnerability prioritization. Our approach achieves measurable efficiency gains, reducing estimated remediation work hours by up to 8% compared to CVSS v2.0 methods. The study confirms that the proposed methodology delivers practical benefits, enhancing organizational security through more accurate and effective vulnerability prioritization.
Keywords: cybersecurity; risk-based vulnerability management; common vulnerability scoring system; machine learning

Share and Cite

MDPI and ACS Style

Balsam, A.; Walkowski, M.; Nowak, M.; Oko, J.; Sujecki, S. Automatic CVSS-Based Vulnerability Prioritization and Response with Context Information and Machine Learning. Appl. Sci. 2025, 15, 8787. https://doi.org/10.3390/app15168787
