METHODOLOGY FOR DETERMINING THE CRITICALITY OF VULNERABILITIES USING BERT AND RANDOM FOREST TECHNOLOGIES

The paper investigates the task of automatic prediction of CVSS Score (Common Vulnerability Scoring System) based on textual descriptions of CVE (Common Vulnerabilities and Exposures) vulnerabilities CVSS Score (Common Vulnerability Scoring System) based on textual descriptions of CVE (Common Vulnerabilities and Exposures) vulnerabilities. An approach combining NLP (Natural Language Processing) and machine learning methods is presented machine learning. The existing solutions are analyzed and the main problems are outlined problems: heterogeneity of text data, imbalance of classes in CVSS Score, necessity of model interpretability of the model. The model was designed and applied, which demonstrated prediction accuracy on the NVD (National Vulnerability Database) dataset. The results Are compared with counterparts from current research. Practical importance of the work is the automation of vulnerability analysis for SOC teams (Security Operations Center) and cybersecurity.