Abstract: A vulnerability quantitative evaluation model based on grey evaluation method and analytichierarchy process (AHP) is proposed. Evaluating indexes are created according to influencing factors ofvulnerability severity. AHP is utilized to establish a hierarchical model and get the weight of vulnerability factors.Grey evaluation method with a central point triangular whiten weight function is used to compute and assess eachlevel index of vulnerabilities. Then the quantitative result of certain vulnerability is achieved. The experimentalresults show that this model can evaluate the vulnerabilities severity of computer systems effectively andaccurately.