Skip to main content

Glossary

Glossary

Look up the meaning of acronyms and terms that are vital to, or commonly used in, Snow Risk Monitor.

Authorized user

A user who has the permission to access a certain application according to the rules set on the Intended access page.

Base score

The CVSS base score for a vulnerability represents the innate characteristics of the vulnerability. Besides base scores, the CVSS also includes the possibility to generate temporal and environmental scores to determine the severity of vulnerabilities, but it is common to use only the base score.

Base severity

The CVSS base score for a vulnerability translated into a qualitative representation, such as low, medium, high, and critical.

CVE

Common Vulnerabilities and Exposures. A list of publicly known cybersecurity vulnerabilities, maintained by MITRE. The list feeds the NVD, which in turn feeds Snow Risk Monitor.

CVE ID

The identifier number for a vulnerability on the CVE list, as defined by MITRE.

CVSS

Common Vulnerability Scoring System. A standard for assessing the severity of vulnerabilities, maintained by FIRST. It assigns a numerical score to the vulnerability, reflecting its severity. The CVSS is used by the NVD.

CWE

Common Weakness Enumeration. A list of common software and hardware weakness types, maintained by MITRE.

FIRST

The organization maintaining the CVSS.

MITRE

The organization maintaining the CVE and CWE lists.

NIST

National Institute of Standards and Technology. The organization maintaining the NVD.

NVD

National Vulnerability Database, maintained by NIST. Snow Risk Monitor uses the NVD data to identify vulnerabilities in your IT estate.

PII

Personally Identifiable Information. Information that can be used on its own or with other information to identify, contact, or locate a person, or to identify an individual in context.

PII risk application

An application designed to hold personally identifiable information.

SLM

Snow License Manager. A Snow technology that feeds Snow Risk Monitor with customer specific data on devices, users, and applications. Your organization must have a Snow License Manager license to be able to use Snow Risk Monitor.

Vulnerability

A weakness within a computer system or code.

Vulnerable application

An application containing one or more vulnerabilities.

Vulnerable device

A device with one or more vulnerable applications installed.

Vulnerable PII risk application

An application designed to hold personally identifiable information and which contains one or more vulnerabilities.

Vulnerable user

A user with access to one or more vulnerable devices.