mirror of https://github.com/MISP/misp-objects
Addition of Intel 471 vulnerability intelligence object
Intel 471 object to contain structured vulnerability related data.pull/295/head
Richard Hallick
parent
f116494ac9
commit
f6f419cadc
|
|
@ -1,117 +1,33 @@
|
|||
{
|
||||
"attributes": {
|
||||
"published": {
|
||||
"description": "Initial publication date.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "datetime",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"modified": {
|
||||
"description": "Last modification date.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "datetime",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"cve-id": {
|
||||
"description": "The vulnerability's CVE ID.",
|
||||
"disable_correlation": false,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"summary": {
|
||||
"description": "Summary of the vulnerability.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"vulnerability-status": {
|
||||
"description": "The status of vulnerability.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"vulnerability-type": {
|
||||
"description": "The type of vulnerability.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"risk-level": {
|
||||
"description": "Risk level of the vulnerability.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"vendor-name": {
|
||||
"description": "Vendor name.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"product-name": {
|
||||
"description": "Product name.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"interest-level-disclosed-publicly": {
|
||||
"description": "The vulnerability has been disclosed publicly.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"interest-level-researched-publicly": {
|
||||
"description": "The vulnerability has been researched or documented publicly.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"interest-level-exploit-sought": {
|
||||
"description": "An exploit for the vulnerability is being sought.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"activity-location-open-source": {
|
||||
"description": "The vulnerability is being discussed in open source.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"activity-location-underground": {
|
||||
"description": "The vulnerability is being discussed in the underground.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"activity-location-private": {
|
||||
"description": "The vulnerability is being discussed in private/direct communications.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"exploit-status-available": {
|
||||
"description": "Exploit code for the vulnerability is available.",
|
||||
"activity-location-underground": {
|
||||
"description": "The vulnerability is being discussed in the underground.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"exploit-status-weaponized": {
|
||||
"description": "The vulnerability has been used in an attack or has been included in an exploit kit.",
|
||||
"countermeasures": {
|
||||
"description": "Summary of countermeasures to protect against the vulnerability.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"exploit-status-productized": {
|
||||
"description": "There is a module for the vulnerability in commercial exploit kits or network security tools.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"exploit-status-not-observed": {
|
||||
"description": "Exploit code or usage has not been observed for the vulnerability.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"cve-id": {
|
||||
"description": "The vulnerability's CVE ID.",
|
||||
"disable_correlation": false,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"cvss-score-v2": {
|
||||
|
|
@ -126,12 +42,103 @@
|
|||
"misp-attribute": "float",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"detection": {
|
||||
"description": "Detection signatures/definitions exist for the vulnerability.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"exploit-status-available": {
|
||||
"description": "Exploit code for the vulnerability is available.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"exploit-status-not-observed": {
|
||||
"description": "Exploit code or usage has not been observed for the vulnerability.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"exploit-status-productized": {
|
||||
"description": "There is a module for the vulnerability in commercial exploit kits or network security tools.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"exploit-status-weaponized": {
|
||||
"description": "The vulnerability has been used in an attack or has been included in an exploit kit.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"interest-level-disclosed-publicly": {
|
||||
"description": "The vulnerability has been disclosed publicly.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"interest-level-exploit-sought": {
|
||||
"description": "An exploit for the vulnerability is being sought.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"interest-level-researched-publicly": {
|
||||
"description": "The vulnerability has been researched or documented publicly.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "boolean",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"modified": {
|
||||
"description": "Last modification date.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "datetime",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"patch-status": {
|
||||
"description": "Availability of a patch for the vulnerability.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"product-name": {
|
||||
"description": "Product name.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"proof-of-concept": {
|
||||
"description": "Proof of concept code or demonstration exists.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"published": {
|
||||
"description": "Initial publication date.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "datetime",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"references": {
|
||||
"description": "External references.",
|
||||
"disable_correlation": false,
|
||||
"misp-attribute": "link",
|
||||
"multiple": true,
|
||||
"ui-priority": 0
|
||||
},
|
||||
"risk-level": {
|
||||
"description": "Risk level of the vulnerability.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"summary": {
|
||||
"description": "Summary of the vulnerability.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"underground-activity-status": {
|
||||
"description": "Indicates if underground activity has been observed for the vulnerability.",
|
||||
"disable_correlation": true,
|
||||
|
|
@ -144,27 +151,20 @@
|
|||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"detection": {
|
||||
"description": "Detection signatures/definitions exist for the vulnerability.",
|
||||
"vendor-name": {
|
||||
"description": "Vendor name.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"references": {
|
||||
"description": "External references.",
|
||||
"disable_correlation": false,
|
||||
"misp-attribute": "link",
|
||||
"multiple": true,
|
||||
"ui-priority": 0
|
||||
},
|
||||
"proof-of-concept": {
|
||||
"description": "Proof of concept code or demonstration exists.",
|
||||
"vulnerability-status": {
|
||||
"description": "The status of vulnerability.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
},
|
||||
"countermeasures": {
|
||||
"description": "Summary of countermeasures to protect against the vulnerability.",
|
||||
"vulnerability-type": {
|
||||
"description": "The type of vulnerability.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 0
|
||||
|
|
@ -190,4 +190,4 @@
|
|||
],
|
||||
"uuid": "8f8ee946-1383-4139-b4da-ad8c5aceac07",
|
||||
"version": 4
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue