Enum cvss::v3::base::av::AttackVector

pub enum AttackVector {
    Physical,
    Local,
    Adjacent,
    Network,
}

Attack Vector (AV) - CVSS v3.1 Base Metric Group

Described in CVSS v3.1 Specification: Section 2.1.1: https://www.first.org/cvss/specification-document#t6

This metric reflects the context by which vulnerability exploitation is possible. This metric value (and consequently the Base Score) will be larger the more remote (logically, and physically) an attacker can be in order to exploit the vulnerable component. The assumption is that the number of potential attackers for a vulnerability that could be exploited from across a network is larger than the number of potential attackers that could exploit a vulnerability requiring physical access to a device, and therefore warrants a greater Base Score.

Variants

Physical

Physical (P)

The attack requires the attacker to physically touch or manipulate the vulnerable component. Physical interaction may be brief (e.g., evil maid attack) or persistent. An example of such an attack is a cold boot attack in which an attacker gains access to disk encryption keys after physically accessing the target system. Other examples include peripheral attacks via FireWire/USB Direct Memory Access (DMA).

Local

Local (L)

The vulnerable component is not bound to the network stack and the attacker’s path is via read/write/execute capabilities. Either:

• the attacker exploits the vulnerability by accessing the target system locally (e.g., keyboard, console), or remotely (e.g., SSH)
• the attacker relies on User Interaction by another person to perform actions required to exploit the vulnerability (e.g., using social engineering techniques to trick a legitimate user into opening a malicious document).

Adjacent

Adjacent (A)

The vulnerable component is bound to the network stack, but the attack is limited at the protocol level to a logically adjacent topology. This can mean an attack must be launched from the same shared physical (e.g., Bluetooth or IEEE 802.11) or logical (e.g., local IP subnet) network, or from within a secure or otherwise limited administrative domain (e.g., MPLS, secure VPN to an administrative network zone). One example of an Adjacent attack would be an ARP (IPv4) or neighbor discovery (IPv6) flood leading to a denial of service on the local LAN segment (e.g., CVE‑2013‑6014).

Network

Network (N)

The vulnerable component is bound to the network stack and the set of possible attackers extends beyond the other options listed below, up to and including the entire Internet. Such a vulnerability is often termed “remotely exploitable” and can be thought of as an attack being exploitable at the protocol level one or more network hops away (e.g., across one or more routers). An example of a network attack is an attacker causing a denial of service (DoS) by sending a specially crafted TCP packet across a wide area network (e.g., CVE‑2004‑0230).

Trait Implementations

impl Metric for AttackVector

const NAME: &'static str

Name of the metric (e.g. A, AC, AV)

fn score(self) -> f64

Get CVSS v3.1 score for this metric

fn as_str(self) -> &'static str

Get str describing this metric's value

impl Ord for AttackVector

fn cmp(&self, other: &AttackVector) -> Ordering

This method returns an Ordering between self and other.

fn max(self, other: Self) -> Self

Compares and returns the maximum of two values.

fn min(self, other: Self) -> Self

Compares and returns the minimum of two values.

fn clamp(self, min: Self, max: Self) -> Self

🔬 This is a nightly-only experimental API. (clamp)

Restrict a value to a certain interval.

impl PartialOrd<AttackVector> for AttackVector

fn partial_cmp(&self, other: &AttackVector) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

#[must_use] fn lt(&self, other: &Rhs) -> bool

This method tests less than (for self and other) and is used by the < operator.

#[must_use] fn le(&self, other: &Rhs) -> bool

This method tests less than or equal to (for self and other) and is used by the <= operator.

#[must_use] fn gt(&self, other: &Rhs) -> bool

This method tests greater than (for self and other) and is used by the > operator.

#[must_use] fn ge(&self, other: &Rhs) -> bool

This method tests greater than or equal to (for self and other) and is used by the >= operator.

impl PartialEq<AttackVector> for AttackVector

fn eq(&self, other: &AttackVector) -> bool

This method tests for self and other values to be equal, and is used by ==.

#[must_use] fn ne(&self, other: &Rhs) -> bool

This method tests for !=.

impl Clone for AttackVector

fn clone(&self) -> AttackVector

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Eq for AttackVector

impl Copy for AttackVector

impl Display for AttackVector

fn fmt(&self, f: &mut Formatter) -> Result

Formats the value using the given formatter.

impl Debug for AttackVector

fn fmt(&self, f: &mut Formatter) -> Result

Formats the value using the given formatter.

impl FromStr for AttackVector

type Err = Error

The associated error which can be returned from parsing.

fn from_str(s: &str) -> Result<Self, Error>

Parses a string s to return a value of this type.