Problem
Imagine you are a security engineer and have analyzed a software platform / app and uncovered a security vulnerability.
Your analysis has concluded following aspects
1) The vulnerability can be discovered through some reasonably simple network data analysis / traces, diagnostics
2) if exploited, it could affect some users but not all
3) it is not too difficult to exploit it as some malware / attack scripts may already exist
4) it can be reproduced / replicated with reasonable steps to show that it is real and can happen
5) the damage maybe to user data but not necessarily entire system wide
Answer the following --
• With this assessment, determine Risk score of this scenarios.
• Write down specifically how you arrived at the Risk score.