privilegesRequired property

This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability. Possible string values are:

"PRIVILEGES_REQUIRED_UNSPECIFIED" : Invalid value.
"PRIVILEGES_REQUIRED_NONE" : The attacker is unauthorized prior to attack, and therefore does not require any access to settings or files of the vulnerable system to carry out an attack.
"PRIVILEGES_REQUIRED_LOW" : The attacker requires privileges that provide basic user capabilities that could normally affect only settings and files owned by a user. Alternatively, an attacker with Low privileges has the ability to access only non-sensitive resources.
"PRIVILEGES_REQUIRED_HIGH" : The attacker requires privileges that provide significant (e.g., administrative) control over the vulnerable component allowing access to component-wide settings and files.

Implementation