Some or all of the information on this page might not apply to Cloud de Confiance by S3NS. See Differences from Google Cloud for more details.

Google Cloud Security Compliance V1 Client - Class Severity (0.2.0)

Reference documentation and code samples for the Google Cloud Security Compliance V1 Client class Severity.

The severity of the finding.

Protobuf type google.cloud.cloudsecuritycompliance.v1.Severity

Namespace

Google \ Cloud \ CloudSecurityCompliance \ V1

Methods

static::name

Parameter
Name	Description
`value`	`mixed`

static::value

Parameter
Name	Description
`name`	`mixed`

Constants

SEVERITY_UNSPECIFIED

Value: 0

Default value. This value is unused.

Generated from protobuf enum SEVERITY_UNSPECIFIED = 0;

CRITICAL

Value: 1

A critical vulnerability is easily discoverable by an external actor, exploitable, and results in the direct ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads. Examples include publicly accessible unprotected user data and public SSH access with weak or no passwords.

A critical threat is a threat that can access, modify, or delete data or execute unauthorized code within existing resources.

Generated from protobuf enum CRITICAL = 1;

HIGH

Value: 2

A high-risk vulnerability can be easily discovered and exploited in combination with other vulnerabilities to gain direct access and the ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads.

An example is a database with weak or no passwords that is only accessible internally. This database could easily be compromised by an actor that had access to the internal network. A high-risk threat is a threat that can create new computational resources in an environment but can't access data or execute code in existing resources.

Generated from protobuf enum HIGH = 2;

MEDIUM

Value: 3

A medium-risk vulnerability can be used by an actor to gain access to resources or privileges that enable them to eventually (through multiple steps or a complex exploit) gain access and the ability to execute arbitrary code or exfiltrate data. An example is a service account with access to more projects than it should have. If an actor gains access to the service account, they could potentially use that access to manipulate a project the service account was not intended to.

A medium-risk threat can cause operational impact but might not access data or execute unauthorized code.

Generated from protobuf enum MEDIUM = 3;

LOW

Value: 4

A low-risk vulnerability hampers a security organization's ability to detect vulnerabilities or active threats in their deployment, or prevents the root cause investigation of security issues. An example is monitoring and logs being disabled for resource configurations and access.

A low-risk threat is a threat that has obtained minimal access to an environment but can't access data, execute code, or create resources.

Generated from protobuf enum LOW = 4;