I'm using OpenVAS 9 and I noticed that all the vulnerabilities ranking from 7.0 to 10.0 are labeled as "High".
Is there a way to change this behavior, so that all the ones ranking from 9.0 to 10.0 can be labeled as "Critical" (as specified by CVSSv3)?
Many thanks! :-)
There are currently only the following four different severity ratings available within the settings (top right of the GSA Web GUI) of your user:
Here the classification of the vulnerability respective to the score can be defined.
NVD Vulnerability Severity Ratings
7.0 - 10.0: High
4.0 - 6.9: Medium
0.0 - 3.9: Low
BSI Vulnerability Traffic Light
7.0 - 10.0: Red
4.0 - 6.9: Yellow
0.0 - 3.9: Green
OpenVAS classic
5.1 - 10.0: High
2.1 - 5.0: Medium
0.0 - 2.0: Low
PCI-DSS
4.3 - 10.0: High
0.0 - 4.2: None
http://docs.greenbone.net/GSM-Manual/gos-4/en/gui_introduction.html#my-settings
Disclaimer: NVT Dev @ Greenbone
