DREAD Rating System

The DREAD rating system is designed to provide a flexible rating solution that is based on the answers to five main questions about each threat:

• Damage potential: How severe is the damage likely to be if the threat is realized?
• Reproducibility: How complicated is it for attackers to reproduce the exploit?
• Exploitability: How hard is it to perform the attack?
• Affected users: How many users are likely to be affected by the attack (as a percentage)?
• Discoverability: How hard is it for an attacker to discover the weakness?