This is an old revision of the document!
Priority and severity ratings
This is a guideline to help our customers prioritize updates and to assess the security impact of known software vulnerabilities.
Priority ratings
The definitions of the priority ratings are:
| Priority | Definition |
|---|---|
| 1 | This update resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Lime recommends administrators install the update as soon as possible. (for example, within 72 hours). |
| 2 | This update resolves vulnerabilities in a product that has historically been at elevated risk. There are currently no known exploits. Based on previous experience, we do not anticipate exploits are imminent. As a best practice, Lime recommends administrators install the update soon (for example, within 30 days). |
| 3 | This update resolves vulnerabilities in a product that has historically not been a target for attackers. Lime recommends administrators install the update at their discretion. |
Severity ratings
The definitions of the severity ratings are:
| Severity | Definition |
|---|---|
| Critical | A vulnerability, which, if exploited would allow malicious native-code to execute, potentially without administrators being aware. |
| Important | A vulnerability, which, if exploited would compromise data security, potentially allowing access to confidential data, or could compromise processing resources. |
| Moderate | A vulnerability that is limited to a significant degree by factors such as default configuration, auditing, or is difficult to exploit. |