A penetration tester delivers a web application vulnerability scan report to a client. The penetration tester rates a vulnerability as medium severity. The same vulnerability was reported as a critical severity finding on the previous report. Which of the following is the MOST likely reason for the reduced severity?
A) The client has applied a hot fix without updating the version.
B) The threat landscape has significantly changed.
C) The client has updated their codebase with new features.
D) Thera are currently no known exploits for this vulnerability.

Question

Quizplus · Accepted Answer

The Answer of A penetration tester delivers a web application vulnerability scan report to a client. The penetration tester rates a vulnerability as medium severity. The same vulnerability was reported as a critical severity finding on the previous report. Which of the following is the MOST likely reason for the reduced severity?
A) The client has applied a hot fix without updating the version.
B) The threat landscape has significantly changed.
C) The client has updated their codebase with new features.
D) Thera are currently no known exploits for this vulnerability.

A Penetration Tester Delivers a Web Application Vulnerability Scan Report