# Severity Criteria

Vulnerabilities detected by the Web Application Diagnosis feature are assigned a severity level based on the following criteria.

| Severity | Description                                                                                                                                                                             |
| -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Critical | Vulnerabilities that could have a significant impact on the entire system, such as large-scale confidential information leakage or server takeover.                                     |
| High     | Vulnerabilities that could lead to the leakage of irrecoverable confidential information or the alteration of important information.                                                    |
| Medium   | Vulnerabilities that could lead to irrecoverable information leakage or alteration, or that could contribute to other serious vulnerabilities.                                          |
| Low      | Vulnerabilities that could lead to minor information leakage or alteration, or that could contribute to other vulnerabilities.                                                          |
| Info     | Issues related to the disclosure of information (such as debugging information) that could be used as clues by attackers, or information on practices to make applications more robust. |