CVSS3 and severity

CVSS (Common Vulnerability Scoring System) is a standard measure of a vulnerability’s severity. It takes several factors into account, such as impact, temporal and environmental metrics. For a dataset that I’m working on, this is a comparison of the CVSS3 score against the more coarse grained “severity” score. We normalise the impact data (originally from $[0, 3]$) as well as the cvss3_score and produce a regression plot.

from sklearn import preprocessing
import numpy as np

scaler = preprocessing.MinMaxScaler()
scaled_data = scaler.fit_transform(data)
sns.regplot(x=scaled_data[:,0],
            y=scaled_data[:,1],
            x_estimator=np.mean)
ax.set(xlabel='CVSS3', ylabel='Impact')