MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [vulnerability] updated following NATO and CIRCL feedback 

- CVSS score added
- CVSS string added
- credit attribute added
- text -> description
- vulnerability attribute can now be any format (not only the CVE
format)
pull/111/head
Alexandre Dulaunoy 2018-07-10 07:21:36 +02:00
parent 2b5592cfa6
commit 9eb578d747
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 25 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
objects/vulnerability/definition.json
View File

@ -5,17 +5,17 @@
"references",
"vulnerable_configuration",
"summary",
"text",
"description",
"id"
],
"attributes": {
"id": {
"description": "Vulnerability ID (generally CVE, but not necessarely). The id is not required as the object itself has an UUID and the CVE id can updated later.",
"description": "Vulnerability ID (generally CVE, but not necessarely). The id is not required as the object itself has an UUID and the CVE id can be update or assigned later.",
"ui-priority": 0,
"misp-attribute": "vulnerability",
"misp-attribute": "text",
"multiple": true
},
"text": {
"description": {
"description": "Description of the vulnerability",
"ui-priority": 0,
"misp-attribute": "text"
@ -69,10 +69,29 @@
],
"disable_correlation": true,
"misp-attribute": "text"
},
"cvss-score": {
"description": "Score of the Common Vulnerability Scoring System (version 3).",
"ui-priority": 1,
"disable_correlation": true,
"misp-attribute": "float"
},
"cvss-string": {
"description": "String of the Common Vulnerability Scoring System (version 3).",
"ui-priority": 1,
"disable_correlation": true,
"misp-attribute": "text"
},
"credit": {
"description": "Who reported/found the vulnerability such as an organisation, person or nickname.",
"ui-priority": 0,
"disable_correlation": true,
"misp-attribute": "text",
"multiple": true
}
},
"version": 4,
"description": "Vulnerability object describing a common vulnerability enumeration which can describe unpublished, under review or embargo vulnerability for software, equipments or hardware.",
"version": 5,
"description": "Vulnerability object describing a common vulnerability enumeration which can describe published, unpublished, under review or embargo vulnerability for software, equipments or hardware.",
"meta-category": "network",
"uuid": "81650945-f186-437b-8945-9f31715d32da",
"name": "vulnerability"