CompTIA CySA+ (CS0-003) — Question 189

Exploit code for a recently disclosed critical software vulnerability was publicly available for download for several days before being removed. Which of the following CVSS v.3.1 temporal metrics was most impacted by this exposure?

Answer options

• A. Remediation level
• B. Exploit code maturity
• C. Report confidence
• D. Availability

Correct answer: B

Explanation

The correct answer is B, as the availability of exploit code directly influences the maturity of the exploit; more accessible exploit code indicates a higher exploit code maturity. The other options, such as remediation level and report confidence, are related to how vulnerabilities are managed and reported but do not directly reflect the impact of publicly available exploit code.