Pentest Severity

This is the level assigned to the vulnerability that determines: 

• The likelihood is that this will be exploited and cause damage to the business.
• Give a sense of urgency to fix it first. Helps with prioritization.

The severity of the pentest can be ranked in the next level

• Critical: The highest level of urgency/vulnerability. This level points out that the safety of the asset could cause major system loss, so it is required to be immediately stopped or assessed.

• High: Second highest level, this level signifies that this asset could cause major system damage. It requires immediate action.

• Medium: This level of severity signifies that there could be system damage, it requires fast and efficient action.

• Low: This level indicates that there may be system errors and dangers. These can be taken with more calmness than the higher severity levels.

• Informational: Also known as “Potential“ vulnerabilities. Useful information that doesn't necessarily have a real risk, such as installed software, open ports, and general information about what a system is and how it operates.