This Recommendation provides a standardized approach for communicating the characteristics and impacts of ICT vulnerabilities using temporal and environmental metrics that apply contextual information to more accurately reflect the risk to each user's unique environment. This Recommendation is technically equivalent and compatible with the "Common Vulnerability Scoring System (CVSS) version 2," 20 June 2007 which can be found at the website http://www.first.org/cvss