mirror of https://github.com/MISP/misp-objects
Merge pull request #295 from rhallick/intel471-1
Addition of intel471-vulnerability-intelligence object
pull/297/head
commit
e7b71d5df7
|
@ -0,0 +1,193 @@
|
||||||
|
{
|
||||||
|
"attributes": {
|
||||||
|
"activity-location-open-source": {
|
||||||
|
"description": "The vulnerability is being discussed in open source.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"activity-location-private": {
|
||||||
|
"description": "The vulnerability is being discussed in private/direct communications.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"activity-location-underground": {
|
||||||
|
"description": "The vulnerability is being discussed in the underground.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"countermeasures": {
|
||||||
|
"description": "Summary of countermeasures to protect against the vulnerability.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"cve-id": {
|
||||||
|
"description": "The vulnerability's CVE ID.",
|
||||||
|
"disable_correlation": false,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"cvss-score-v2": {
|
||||||
|
"description": "CVSS score (version 2).",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "float",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"cvss-score-v3": {
|
||||||
|
"description": "CVSS score (version 3).",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "float",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"detection": {
|
||||||
|
"description": "Detection signatures/definitions exist for the vulnerability.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"exploit-status-available": {
|
||||||
|
"description": "Exploit code for the vulnerability is available.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"exploit-status-not-observed": {
|
||||||
|
"description": "Exploit code or usage has not been observed for the vulnerability.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"exploit-status-productized": {
|
||||||
|
"description": "There is a module for the vulnerability in commercial exploit kits or network security tools.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"exploit-status-weaponized": {
|
||||||
|
"description": "The vulnerability has been used in an attack or has been included in an exploit kit.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"interest-level-disclosed-publicly": {
|
||||||
|
"description": "The vulnerability has been disclosed publicly.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"interest-level-exploit-sought": {
|
||||||
|
"description": "An exploit for the vulnerability is being sought.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"interest-level-researched-publicly": {
|
||||||
|
"description": "The vulnerability has been researched or documented publicly.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"modified": {
|
||||||
|
"description": "Last modification date.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "datetime",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"patch-status": {
|
||||||
|
"description": "Availability of a patch for the vulnerability.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"product-name": {
|
||||||
|
"description": "Product name.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"proof-of-concept": {
|
||||||
|
"description": "Proof of concept code or demonstration exists.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"published": {
|
||||||
|
"description": "Initial publication date.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "datetime",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"references": {
|
||||||
|
"description": "External references.",
|
||||||
|
"disable_correlation": false,
|
||||||
|
"misp-attribute": "link",
|
||||||
|
"multiple": true,
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"risk-level": {
|
||||||
|
"description": "Risk level of the vulnerability.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"summary": {
|
||||||
|
"description": "Summary of the vulnerability.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"underground-activity-status": {
|
||||||
|
"description": "Indicates if underground activity has been observed for the vulnerability.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"underground-activity-summary": {
|
||||||
|
"description": "Description of underground activity related to the vulnerability.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"vendor-name": {
|
||||||
|
"description": "Vendor name.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"vulnerability-status": {
|
||||||
|
"description": "The status of vulnerability.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"vulnerability-type": {
|
||||||
|
"description": "The type of vulnerability.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"vulnerable-configuration": {
|
||||||
|
"description": "Vulnerable configuration in CPE format.",
|
||||||
|
"disable_correlation": false,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"multiple": true,
|
||||||
|
"ui-priority": 0
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"description": "Intel 471 vulnerability intelligence object.",
|
||||||
|
"meta-category": "vulnerability",
|
||||||
|
"name": "intel471-vulnerability-intelligence",
|
||||||
|
"requiredOneOf": [
|
||||||
|
"published",
|
||||||
|
"modified",
|
||||||
|
"references",
|
||||||
|
"vulnerable-configuration",
|
||||||
|
"summary",
|
||||||
|
"cve-id"
|
||||||
|
],
|
||||||
|
"uuid": "8f8ee946-1383-4139-b4da-ad8c5aceac07",
|
||||||
|
"version": 4
|
||||||
|
}
|
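Review bot: `cve-id` is declared with `"misp-attribute": "text"` even though it is one of only three attributes left correlating (`"disable_correlation": false`) and is listed in `requiredOneOf`; as free text, the value is not recognisable as a CVE identifier to anything that filters, validates or exports on attribute type. MISP has a dedicated `vulnerability` attribute type, so I would change that line to `"misp-attribute": "vulnerability"`. The same reasoning applies to `vulnerable-configuration`, whose description says CPE format: `"misp-attribute": "cpe"` fits, provided the MISP versions this template targets know that type. Separately, `detection` and `proof-of-concept` are `text` while their descriptions read as yes/no statements like the `exploit-status-*` booleans, so either type them `boolean` or reword the descriptions to say what text is expected.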