DREAD system is designed to provide a rating for a threat by answering 5 main questions of which are:
- Damage Potential: How severe would the damage be?
- Reproducibility: How complicated is it for attacker to reproduce the exploit?
- Exploitability: How hard is it to perform the attack?
- Affected Users: How many user will likely to be affected?
- Discoverability: How hard for an attacker to discover the weakness?