IBM X-Force® risk levels provide a quick way to determine the severity of an attack without analyzing the details of an event. Use X-Force risk levels to help you to determine whether an attack is a threat.
How to view X-Force risk levels on the Console
The X-Force provides a severity level for each event that appears on the Console. The risk level appears in the Severity column of the Analysis views.
X-Force risk levels
The X-Force assigns
a risk level for each event to describe the extent of damage that
the event can cause.
| Risk Level | Description |
|---|---|
High  |
Security issues that allow immediate remote or local access, or immediate execution of code or commands, with unauthorized privileges. Examples include most buffer overflows, back doors, a default password or no password, and bypassing security on firewalls or other network components. |
Medium  |
Security issues that have the potential of granting access or allowing code execution by using complex or lengthy exploit procedures. Also, low risk issues that are applied to major Internet components. Examples include cross-site scripting, man-in-the-middle attacks, SQL injection, denial of service of major applications, and denial of service that results in system information disclosure (such as core files). |
Low  |
Security issues that deny service or provide non-system information that might be used to formulate structured attacks on a target, but not to directly gain unauthorized access. Examples include brute force attacks, non-system information disclosure (such as configurations and paths), and denial of service attacks. |