misp-objects/objects/vulnerability/definition.json

99 lines
3.0 KiB
JSON
Raw Normal View History

{
2017-07-03 12:25:06 +02:00
"requiredOneOf": [
"published",
"modified",
"references",
"vulnerable_configuration",
"summary",
"description",
2017-07-03 12:25:06 +02:00
"id"
],
2017-02-13 11:18:42 +01:00
"attributes": {
2017-07-03 12:25:06 +02:00
"id": {
"description": "Vulnerability ID (generally CVE, but not necessarely). The id is not required as the object itself has an UUID and the CVE id can be update or assigned later.",
"ui-priority": 0,
"misp-attribute": "text",
"multiple": true
2017-02-13 11:18:42 +01:00
},
"description": {
2017-08-29 18:36:46 +02:00
"description": "Description of the vulnerability",
"ui-priority": 0,
2017-07-03 12:25:06 +02:00
"misp-attribute": "text"
2017-02-13 11:18:42 +01:00
},
2017-07-03 12:25:06 +02:00
"summary": {
2017-08-29 18:36:46 +02:00
"description": "Summary of the vulnerability",
"ui-priority": 0,
2017-07-03 12:25:06 +02:00
"misp-attribute": "text"
2017-02-13 11:18:42 +01:00
},
"vulnerable_configuration": {
2017-07-03 12:25:06 +02:00
"description": "The vulnerable configuration is described in CPE format",
2017-02-13 11:18:42 +01:00
"multiple": true,
"ui-priority": 0,
2017-07-03 12:25:06 +02:00
"misp-attribute": "text"
2017-02-13 11:18:42 +01:00
},
2017-07-03 12:25:06 +02:00
"modified": {
2017-08-29 18:36:46 +02:00
"description": "Last modification date",
2017-07-03 16:45:25 +02:00
"ui-priority": 0,
"misp-attribute": "datetime",
"disable_correlation": true
2017-02-13 11:18:42 +01:00
},
2017-07-03 12:25:06 +02:00
"published": {
2017-08-29 18:36:46 +02:00
"description": "Initial publication date",
2017-07-03 16:45:25 +02:00
"ui-priority": 0,
"misp-attribute": "datetime",
"disable_correlation": true
},
"created": {
"description": "First time when the vulnerability was discovered",
"ui-priority": 0,
"misp-attribute": "datetime",
"disable_correlation": true
2017-02-13 11:18:42 +01:00
},
2017-07-03 12:25:06 +02:00
"references": {
2017-08-29 18:36:46 +02:00
"description": "External references",
2017-07-03 12:25:06 +02:00
"multiple": true,
"ui-priority": 0,
2017-07-03 12:25:06 +02:00
"misp-attribute": "link"
},
"state": {
"description": "State of the vulnerability. A vulnerability can have multiple states depending of the current actions performed.",
"multiple": true,
"ui-priority": 0,
"sane_default": [
"Published",
"Embargo",
"Reviewed",
"Vulnerability ID Assigned",
"Reported",
"Fixed"
],
"disable_correlation": true,
"misp-attribute": "text"
},
"cvss-score": {
"description": "Score of the Common Vulnerability Scoring System (version 3).",
"ui-priority": 1,
"disable_correlation": true,
"misp-attribute": "float"
},
"cvss-string": {
"description": "String of the Common Vulnerability Scoring System (version 3).",
"ui-priority": 1,
"disable_correlation": true,
"misp-attribute": "text"
},
"credit": {
"description": "Who reported/found the vulnerability such as an organisation, person or nickname.",
"ui-priority": 0,
"disable_correlation": true,
"misp-attribute": "text",
"multiple": true
2017-02-13 11:18:42 +01:00
}
},
"version": 5,
"description": "Vulnerability object describing a common vulnerability enumeration which can describe published, unpublished, under review or embargo vulnerability for software, equipments or hardware.",
"meta-category": "vulnerability",
2017-07-03 12:25:06 +02:00
"uuid": "81650945-f186-437b-8945-9f31715d32da",
"name": "vulnerability"
}