Addition of Intel 471 vulnerability intelligence object

Intel 471 object to contain structured vulnerability related data.
pull/295/head
Richard Hallick 2020-09-23 13:20:33 +01:00
parent f116494ac9
commit f6f419cadc
1 changed files with 107 additions and 107 deletions

View File

@ -1,117 +1,33 @@
{ {
"attributes": { "attributes": {
"published": {
"description": "Initial publication date.",
"disable_correlation": true,
"misp-attribute": "datetime",
"ui-priority": 0
},
"modified": {
"description": "Last modification date.",
"disable_correlation": true,
"misp-attribute": "datetime",
"ui-priority": 0
},
"cve-id": {
"description": "The vulnerability's CVE ID.",
"disable_correlation": false,
"misp-attribute": "text",
"ui-priority": 0
},
"summary": {
"description": "Summary of the vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"vulnerability-status": {
"description": "The status of vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"vulnerability-type": {
"description": "The type of vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"risk-level": {
"description": "Risk level of the vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"vendor-name": {
"description": "Vendor name.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"product-name": {
"description": "Product name.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"interest-level-disclosed-publicly": {
"description": "The vulnerability has been disclosed publicly.",
"disable_correlation": true,
"misp-attribute": "boolean",
"ui-priority": 0
},
"interest-level-researched-publicly": {
"description": "The vulnerability has been researched or documented publicly.",
"disable_correlation": true,
"misp-attribute": "boolean",
"ui-priority": 0
},
"interest-level-exploit-sought": {
"description": "An exploit for the vulnerability is being sought.",
"disable_correlation": true,
"misp-attribute": "boolean",
"ui-priority": 0
},
"activity-location-open-source": { "activity-location-open-source": {
"description": "The vulnerability is being discussed in open source.", "description": "The vulnerability is being discussed in open source.",
"disable_correlation": true, "disable_correlation": true,
"misp-attribute": "boolean", "misp-attribute": "boolean",
"ui-priority": 0 "ui-priority": 0
}, },
"activity-location-underground": {
"description": "The vulnerability is being discussed in the underground.",
"disable_correlation": true,
"misp-attribute": "boolean",
"ui-priority": 0
},
"activity-location-private": { "activity-location-private": {
"description": "The vulnerability is being discussed in private/direct communications.", "description": "The vulnerability is being discussed in private/direct communications.",
"disable_correlation": true, "disable_correlation": true,
"misp-attribute": "boolean", "misp-attribute": "boolean",
"ui-priority": 0 "ui-priority": 0
}, },
"exploit-status-available": { "activity-location-underground": {
"description": "Exploit code for the vulnerability is available.", "description": "The vulnerability is being discussed in the underground.",
"disable_correlation": true, "disable_correlation": true,
"misp-attribute": "boolean", "misp-attribute": "boolean",
"ui-priority": 0 "ui-priority": 0
}, },
"exploit-status-weaponized": { "countermeasures": {
"description": "The vulnerability has been used in an attack or has been included in an exploit kit.", "description": "Summary of countermeasures to protect against the vulnerability.",
"disable_correlation": true, "disable_correlation": true,
"misp-attribute": "boolean", "misp-attribute": "text",
"ui-priority": 0 "ui-priority": 0
}, },
"exploit-status-productized": { "cve-id": {
"description": "There is a module for the vulnerability in commercial exploit kits or network security tools.", "description": "The vulnerability's CVE ID.",
"disable_correlation": true, "disable_correlation": false,
"misp-attribute": "boolean", "misp-attribute": "text",
"ui-priority": 0
},
"exploit-status-not-observed": {
"description": "Exploit code or usage has not been observed for the vulnerability.",
"disable_correlation": true,
"misp-attribute": "boolean",
"ui-priority": 0 "ui-priority": 0
}, },
"cvss-score-v2": { "cvss-score-v2": {
@ -126,12 +42,103 @@
"misp-attribute": "float", "misp-attribute": "float",
"ui-priority": 0 "ui-priority": 0
}, },
"detection": {
"description": "Detection signatures/definitions exist for the vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"exploit-status-available": {
"description": "Exploit code for the vulnerability is available.",
"disable_correlation": true,
"misp-attribute": "boolean",
"ui-priority": 0
},
"exploit-status-not-observed": {
"description": "Exploit code or usage has not been observed for the vulnerability.",
"disable_correlation": true,
"misp-attribute": "boolean",
"ui-priority": 0
},
"exploit-status-productized": {
"description": "There is a module for the vulnerability in commercial exploit kits or network security tools.",
"disable_correlation": true,
"misp-attribute": "boolean",
"ui-priority": 0
},
"exploit-status-weaponized": {
"description": "The vulnerability has been used in an attack or has been included in an exploit kit.",
"disable_correlation": true,
"misp-attribute": "boolean",
"ui-priority": 0
},
"interest-level-disclosed-publicly": {
"description": "The vulnerability has been disclosed publicly.",
"disable_correlation": true,
"misp-attribute": "boolean",
"ui-priority": 0
},
"interest-level-exploit-sought": {
"description": "An exploit for the vulnerability is being sought.",
"disable_correlation": true,
"misp-attribute": "boolean",
"ui-priority": 0
},
"interest-level-researched-publicly": {
"description": "The vulnerability has been researched or documented publicly.",
"disable_correlation": true,
"misp-attribute": "boolean",
"ui-priority": 0
},
"modified": {
"description": "Last modification date.",
"disable_correlation": true,
"misp-attribute": "datetime",
"ui-priority": 0
},
"patch-status": { "patch-status": {
"description": "Availability of a patch for the vulnerability.", "description": "Availability of a patch for the vulnerability.",
"disable_correlation": true, "disable_correlation": true,
"misp-attribute": "text", "misp-attribute": "text",
"ui-priority": 0 "ui-priority": 0
}, },
"product-name": {
"description": "Product name.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"proof-of-concept": {
"description": "Proof of concept code or demonstration exists.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"published": {
"description": "Initial publication date.",
"disable_correlation": true,
"misp-attribute": "datetime",
"ui-priority": 0
},
"references": {
"description": "External references.",
"disable_correlation": false,
"misp-attribute": "link",
"multiple": true,
"ui-priority": 0
},
"risk-level": {
"description": "Risk level of the vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"summary": {
"description": "Summary of the vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"underground-activity-status": { "underground-activity-status": {
"description": "Indicates if underground activity has been observed for the vulnerability.", "description": "Indicates if underground activity has been observed for the vulnerability.",
"disable_correlation": true, "disable_correlation": true,
@ -144,27 +151,20 @@
"misp-attribute": "text", "misp-attribute": "text",
"ui-priority": 0 "ui-priority": 0
}, },
"detection": { "vendor-name": {
"description": "Detection signatures/definitions exist for the vulnerability.", "description": "Vendor name.",
"disable_correlation": true, "disable_correlation": true,
"misp-attribute": "text", "misp-attribute": "text",
"ui-priority": 0 "ui-priority": 0
}, },
"references": { "vulnerability-status": {
"description": "External references.", "description": "The status of vulnerability.",
"disable_correlation": false,
"misp-attribute": "link",
"multiple": true,
"ui-priority": 0
},
"proof-of-concept": {
"description": "Proof of concept code or demonstration exists.",
"disable_correlation": true, "disable_correlation": true,
"misp-attribute": "text", "misp-attribute": "text",
"ui-priority": 0 "ui-priority": 0
}, },
"countermeasures": { "vulnerability-type": {
"description": "Summary of countermeasures to protect against the vulnerability.", "description": "The type of vulnerability.",
"disable_correlation": true, "disable_correlation": true,
"misp-attribute": "text", "misp-attribute": "text",
"ui-priority": 0 "ui-priority": 0