The Severity of vulnerability refers to the level of impact an attack could have if the vulnerability were exploited. There are four levels of impact:
A vulnerability, which if exploited, would allow remote execution of malicious code without user action.
A vulnerability, which if exploited, would directly impact the confidentiality, integrity or availability of user’s data or processing resources.
A vulnerability where exploitation is mitigated by factors such as difficulty to exploit, default configuration or ease of identification.
A vulnerability where scope and impact of exploitation is restricted and the ability to exploit is extremely difficult.