What's the correct severity for substantial DoS vulnerabilities? Substantial DoS vulnerabilities enable attackers to make a system completely unusable, with little effort (say, a stream of a few hundred small packets per second).
If I read the guidelines correctly, it's either "important" or "grave". Is "grave" acceptable?
