Hi. Would like to ask about CVSS, the section regarding scope. For a vulnerability like misconfigured scheduled task permissions e.g. exploitation of a cron job which allows for the priv escalation using a php reverse shell from low priv user to root, would the scope be changed or unchanged ?