Severity: Attack Complexity - High

> A successful attack cannot be accomplished at will, but requires the > attacker to invest in some measurable amount of effort in preparation or > execution against the > vulnerable component before a successful attack can be expected. For > example, a successful attack may depend on an attacker overcoming any of the > following conditions: > * The attacker must gather knowledge about the environment in which the > vulnerable target/component exists. For example, a requirement to collect > details on target configuration settings, sequence numbers, or shared > secrets. > * The attacker must prepare the target environment to improve exploit > reliability. For example, repeated exploitation to win a race condition, or > overcoming advanced exploit mitigation techniques. > * The attacker must inject themselves into the logical network path between > the target and the resource requested by the victim in order to read and/or > modify network communications (e.g., a man in the middle attack). Quote from the CVSS specification. Vulnerabilities with this tag were given a CVSS rating as part of the requirement to be included into the [National Vulnerability Database](https://nvd.nist.gov/). You can learn more about what the individual scores mean in the [CVSS specification document](https://www.first.org/cvss/specification-document).