请教高人 安全测试的缺陷等级是怎么划分的

nanmu

请教高人 安全测试的缺陷等级是怎么划分的，我们公司主要是做网站的，就网站方面的安全缺陷等级的划分，希望大家能给点建议

nanmu

没有具体一点的等级划分吗

nanmu

这个是安全扫描工具里定义的，自己翻译一下吧，哪个工具我忘记了

High Risk Alert Level 3 – Vulnerabilities categorized as the
most dangerous, which put a site at maximum risk for hacking
and data theft.
Medium Risk Alert Level 2 – Vulnerabilities caused by server
miss-configuration and site-coding flaws, which facilitate server
disruption and directory intrusion.
Low Risk Alert Level 1 – Vulnerabilities derived from lack of
encryption for data traffic, or directory path disclosures.
Informational Alert – Sites which are susceptible to revealing
information through GHDB search strings, or email addresses
disclosure.