Administrators usually take some network security metrics as important bases to measure network security. Common Vulnerability Scoring System (CVSS) is one of the generally accepted network measurement method. Aiming at the problem that the existing network security measurement based on CVSS could not accurately measure the probability and the impact of network attack at the same time, an improved base metric algorithm based on dependency relationship graph and CVSS was proposed. Firstly, the dependency relationship of the vulnerability nodes in an attack graph was explored to build the dependency relationship graph. Then, the base metric algorithm of the vulnerability in CVSS was modified according to the dependency relationship. Finally, the vulnerability scores in the whole attack graph were aggregated to obtain the probability and the impact of network attack. The results of simulation with simulated attacker show that the proposed algorithm is superior to the algorithm of aggregating CVSS scores in terms of accuracy and credibility, and can get measurement results closer to the actual simulation results.