CVSS (Common Vulnerability Scoring System) is used to assign severity scores to security vulnerabilities, allowing organizations to assess risk and prioritize remediation efforts. By using CVSS scores, teams can address the most critical vulnerabilities first, based on the potential impact.
Reference:
CompTIA Security+ SY0-701 Official Study Guide, Domain 4.2: "CVSS is used to score the severity of vulnerabilities and prioritize remediation." Exam Objectives 4.2: "Summarize vulnerability management processes."