Comment: CISA overzealousness makes CVSS scores worthless
⚡ Quick Summary
CVSS ad absurdum: Two “low” vulnerabilities in Apache Tomcat almost became heisec alert candidates thanks to extremely idiosyncratic CISA vulnerability.