MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity

fix: Vulnerability object improved to include the case of unpublished 

security vulnerability
pull/66/head
Alexandre Dulaunoy 2018-01-08 07:48:32 +01:00
parent 60279184dd
commit 71c0ae1e6c
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 34 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
objects/vulnerability/definition.json
View File

@ -10,45 +10,68 @@
], ],
"attributes": { "attributes": {
"id": { "id": {
"description": "Vulnerability ID (generally CVE, but not necessarely)", "description": "Vulnerability ID (generally CVE, but not necessarely). The id is not required as the object itself has an UUID and the CVE id can updated later.",
"ui-priority": 1, "ui-priority": 0,
"misp-attribute": "vulnerability" "misp-attribute": "vulnerability",
"multiple": true
}, },
"text": { "text": {
"description": "Description of the vulnerability", "description": "Description of the vulnerability",
"ui-priority": 1, "ui-priority": 0,
"misp-attribute": "text" "misp-attribute": "text"
}, },
"summary": { "summary": {
"description": "Summary of the vulnerability", "description": "Summary of the vulnerability",
"ui-priority": 1, "ui-priority": 0,
"misp-attribute": "text" "misp-attribute": "text"
}, },
"vulnerable_configuration": { "vulnerable_configuration": {
"description": "The vulnerable configuration is described in CPE format", "description": "The vulnerable configuration is described in CPE format",
"multiple": true, "multiple": true,
"ui-priority": 1, "ui-priority": 0,
"misp-attribute": "text" "misp-attribute": "text"
}, },
"modified": { "modified": {
"description": "Last modification date", "description": "Last modification date",
"ui-priority": 0, "ui-priority": 0,
"misp-attribute": "datetime" "misp-attribute": "datetime",
"disable_correlation": true
}, },
"published": { "published": {
"description": "Initial publication date", "description": "Initial publication date",
"ui-priority": 0, "ui-priority": 0,
"misp-attribute": "datetime" "misp-attribute": "datetime",
"disable_correlation": true
},
"created": {
"description": "First time when the vulnerability was discovered",
"ui-priority": 0,
"misp-attribute": "datetime",
"disable_correlation": true
}, },
"references": { "references": {
"description": "External references", "description": "External references",
"multiple": true, "multiple": true,
"ui-priority": 1, "ui-priority": 0,
"misp-attribute": "link" "misp-attribute": "link"
},
"state": {
"description": "State of the vulnerability. A vulnerability can have multiple states depending of the current actions performed.",
"multiple": true,
"ui-priority": 0,
"sane_default": [
"Published",
"Embargo",
"Reviewed",
"Vulnerability ID Assigned",
"Reported",
"Fixed"
],
"disable_correlation": true
} }
}, },
"version": 2, "version": 3,
"description": "Vulnerability object describing common vulnerability enumeration", "description": "Vulnerability object describing a common vulnerability enumeration which can describe unpublished, under review or embargo vulnerability for software, equipments or hardware.",
"meta-category": "network", "meta-category": "network",
"uuid": "81650945-f186-437b-8945-9f31715d32da", "uuid": "81650945-f186-437b-8945-9f31715d32da",
"name": "vulnerability" "name": "vulnerability"