{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,28]],"date-time":"2026-01-28T05:21:45Z","timestamp":1769577705792,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":21,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,11,26]],"date-time":"2024-11-26T00:00:00Z","timestamp":1732579200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Fapeerj","award":["E-26\/201.376\/2021"],"award-info":[{"award-number":["E-26\/201.376\/2021"]}]},{"name":"CNPq","award":["315106\/2023-9"],"award-info":[{"award-number":["315106\/2023-9"]}]},{"name":"CAPES"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,11,26]]},"DOI":"10.1145\/3697090.3697109","type":"proceedings-article","created":{"date-parts":[[2024,12,11]],"date-time":"2024-12-11T07:06:08Z","timestamp":1733900768000},"page":"17-27","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["How Context Impacts Vulnerability Severity: An Analysis of Product-Specific CVSS Scores"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0002-6795-2631","authenticated-orcid":false,"given":"Lucas Senos","family":"Coutinho","sequence":"first","affiliation":[{"name":"Federal University of Rio de Janeiro, Rio De Janeiro, Brazil"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8953-4003","authenticated-orcid":false,"given":"Daniel","family":"Menasche","sequence":"additional","affiliation":[{"name":"Federal University of Rio de Janeiro, Rio De Janeiro, Brazil"}]},{"ORCID":"https:\/\/orcid.org\/0009-0008-1589-0209","authenticated-orcid":false,"given":"Lucas","family":"Miranda","sequence":"additional","affiliation":[{"name":"Federal University of Rio de Janeiro, Rio De Janeiro, Brazil"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-8814-236X","authenticated-orcid":false,"given":"Enrico","family":"Lovat","sequence":"additional","affiliation":[{"name":"Siemens, Princeton, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-2755-629X","authenticated-orcid":false,"given":"Srivastava Gaurav","family":"Kumar","sequence":"additional","affiliation":[{"name":"Siemens, Princeton, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-9228-1702","authenticated-orcid":false,"given":"Abhishek","family":"Ramchandran","sequence":"additional","affiliation":[{"name":"Siemens, Princeton, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2549-9146","authenticated-orcid":false,"given":"Anton","family":"Kocheturov","sequence":"additional","affiliation":[{"name":"Siemens, Princeton, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8904-0620","authenticated-orcid":false,"given":"Tobias","family":"Limmer","sequence":"additional","affiliation":[{"name":"Siemens, Munich, Germany"}]}],"member":"320","published-online":{"date-parts":[[2024,12,10]]},"reference":[{"key":"e_1_3_3_2_2_2","doi-asserted-by":"crossref","unstructured":"Luca Allodi Marco Cremonini Fabio Massacci et\u00a0al. 2020. Measuring the accuracy of software vulnerability assessments: experiments with students and professionals. Empirical Softw. Engin. 25 (2020) 1063\u20131094.","DOI":"10.1007\/s10664-019-09797-4"},{"key":"e_1_3_3_2_3_2","doi-asserted-by":"crossref","unstructured":"Luca Allodi and Fabio Massacci. 2014. Comparing vulnerability severity and exploits using case-control studies. ACM TISSEC 17 1 (2014) 1\u201320.","DOI":"10.1145\/2630069"},{"key":"e_1_3_3_2_4_2","doi-asserted-by":"crossref","unstructured":"Afsah Anwar et\u00a0al. 2021. Cleaning the NVD: Comprehensive quality assessment improvements and analyses. IEEE Transactions on Dependable and Secure Computing 19 6 (2021) 4255\u20134269.","DOI":"10.1109\/TDSC.2021.3125270"},{"key":"e_1_3_3_2_5_2","doi-asserted-by":"crossref","unstructured":"Joana\u00a0Cabral Costa Tiago Roxo Jo\u00e3o\u00a0BF Sequeiros Hugo Proenca and Pedro\u00a0RM Inacio. 2022. Predicting CVSS metric via description interpretation. IEEE Access 10 (2022) 59125\u201359134.","DOI":"10.1109\/ACCESS.2022.3179692"},{"key":"e_1_3_3_2_6_2","doi-asserted-by":"publisher","DOI":"10.1109\/SANER53432.2022.00050"},{"key":"e_1_3_3_2_7_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00022"},{"key":"e_1_3_3_2_8_2","first-page":"869","volume-title":"USENIX Security","author":"Dong Ying","year":"2019","unstructured":"Ying Dong, Wenbo Guo, Yueqi Chen, et\u00a0al. 2019. Towards the detection of inconsistencies in public security vulnerability reports. In USENIX Security. 869\u2013885."},{"key":"e_1_3_3_2_9_2","doi-asserted-by":"publisher","DOI":"10.1145\/3407023.3407038"},{"key":"e_1_3_3_2_10_2","unstructured":"FIRST. 2024. https:\/\/www.first.org\/cvss\/v3.1\/specification-document."},{"key":"e_1_3_3_2_11_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME.2017.52"},{"key":"e_1_3_3_2_12_2","volume-title":"Consistency of CVSS","author":"Group Human Factors in Security and Privacy","year":"2024","unstructured":"Human Factors in Security and Privacy Group. 2024. Consistency of CVSS. https:\/\/www.cs1.tf.fau.de\/research\/human-factors-in-security-and-privacy-group\/consistency-of-cvss\/"},{"key":"e_1_3_3_2_13_2","doi-asserted-by":"crossref","unstructured":"Atefeh Khazaei et\u00a0al. 2016. An automatic method for CVSS score prediction using vulnerabilities description. Journal of Intelligent & Fuzzy Systems 30 1 (2016).","DOI":"10.3233\/IFS-151733"},{"key":"e_1_3_3_2_14_2","doi-asserted-by":"crossref","unstructured":"Philipp K\u00fchn David\u00a0N Relke and Christian Reuter. 2023. Common vulnerability scoring system prediction based on open source intelligence information sources. Computers & Security 131 (2023) 103286.","DOI":"10.1016\/j.cose.2023.103286"},{"key":"e_1_3_3_2_15_2","doi-asserted-by":"publisher","DOI":"10.1145\/3524842.3528433"},{"key":"e_1_3_3_2_16_2","doi-asserted-by":"publisher","DOI":"10.1109\/ISSREW53611.2021.00097"},{"key":"e_1_3_3_2_17_2","doi-asserted-by":"publisher","DOI":"10.1145\/3361149.3361172"},{"key":"e_1_3_3_2_18_2","doi-asserted-by":"crossref","unstructured":"Fabio Massacci. 2024. The Holy Grail of Vulnerability Predictions. IEEE S&P 22 1 (2024) 4.","DOI":"10.1109\/MSEC.2023.3333936"},{"key":"e_1_3_3_2_19_2","doi-asserted-by":"crossref","unstructured":"Nancy\u00a0R Mead and Ted Stehney. 2005. Security quality requirements engineering (SQUARE) methodology. ACM SIGSOFT Software Engineering Notes 30 4 (2005) 1\u20137.","DOI":"10.1145\/1082983.1083214"},{"key":"e_1_3_3_2_20_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLA52953.2021.00256"},{"key":"e_1_3_3_2_21_2","first-page":"58","volume-title":"IEEE S&P","author":"Wunder Julia","year":"2023","unstructured":"Julia Wunder, Andreas Kurtz, Christian Eichenm\u00fcller, Freya Gassmann, and Zinaida Benenson. 2023. Shedding Light on CVSS Scoring Inconsistencies: A User-Centric Study on Evaluating Widespread Security Vulnerabilities. In IEEE S&P. 58\u201358."},{"key":"e_1_3_3_2_22_2","doi-asserted-by":"publisher","DOI":"10.1109\/CloudCom59040.2023.00039"}],"event":{"name":"LADC 2024: 13th Latin-American Symposium on Dependable and Secure Computing","location":"Recife Brazil","acronym":"LADC 2024"},"container-title":["Proceedings of the 13th Latin-American Symposium on Dependable and Secure Computing"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3697090.3697109","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3697090.3697109","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:17:33Z","timestamp":1750295853000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3697090.3697109"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,26]]},"references-count":21,"alternative-id":["10.1145\/3697090.3697109","10.1145\/3697090"],"URL":"https:\/\/doi.org\/10.1145\/3697090.3697109","relation":{},"subject":[],"published":{"date-parts":[[2024,11,26]]},"assertion":[{"value":"2024-12-10","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}