Severity: Attack Complexity - Low

Specialized access conditions or extenuating circumstances do not exist. The following are examples:

• The affected product typically requires access to a wide range of systems and users, possibly anonymous and untrusted (e.g., Internet-facing web or mail server).
• The affected configuration is default or ubiquitous.
• The attack can be performed manually and requires little skill or additional information gathering.
• The race condition is a lazy one (i.e., it is technically a race but easily winnable).

Quote from the CVSS specification

Vulnerabilities with this tag were given a CVSS rating as part of the requirement to be included into the National Vulnerability Database. You can learn more about what the individual scores mean in the CVSS specification document.