中文摘要：

利用统计分析方法对通用漏洞评分系统（CVSS）的环境评分值的分布特点进行了研究,得出了环境评分值中存在众数的结论,并得到了环境评分值的最大偏离值与基本评分值之间的函数关系.最后从美国国家漏洞数据库NVD中提取了三个严重程度分别为高、中、低的漏洞信息对所得结论进行了验证.结果表明,漏洞的环境评分值中存在众数,而且环境评分值的最大偏离值与基本评分值之间满足上述函数关系.

英文摘要：

The distribution of CVSS（ common vulnerability scoring system）environmental scores is using statistical analy- sis. Two conclusions are obtained：first, for any given vulnerability, there is a Mode in its CVSS environmental scores set ; Second, the relationship between the maximum variation of environmental scores and the base score satisfies sta- tistical functions. Three vulnerabilities are extracted from NVD to verify these conclusions. The results show that there is a Mode in environmental scores, and the relationship between the maximum variation of environmental scores and the base score satisfies the function proposed in this paper