mirror of https://github.com/MISP/misp-objects
Addition of Intel 471 vulnerability intelligence object
Intel 471 object to contain structured vulnerability related data.pull/295/head
parent
f116494ac9
commit
f6f419cadc
|
@ -1,117 +1,33 @@
|
||||||
{
|
{
|
||||||
"attributes": {
|
"attributes": {
|
||||||
"published": {
|
|
||||||
"description": "Initial publication date.",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "datetime",
|
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"modified": {
|
|
||||||
"description": "Last modification date.",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "datetime",
|
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"cve-id": {
|
|
||||||
"description": "The vulnerability's CVE ID.",
|
|
||||||
"disable_correlation": false,
|
|
||||||
"misp-attribute": "text",
|
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"summary": {
|
|
||||||
"description": "Summary of the vulnerability.",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "text",
|
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"vulnerability-status": {
|
|
||||||
"description": "The status of vulnerability.",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "text",
|
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"vulnerability-type": {
|
|
||||||
"description": "The type of vulnerability.",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "text",
|
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"risk-level": {
|
|
||||||
"description": "Risk level of the vulnerability.",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "text",
|
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"vendor-name": {
|
|
||||||
"description": "Vendor name.",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "text",
|
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"product-name": {
|
|
||||||
"description": "Product name.",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "text",
|
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"interest-level-disclosed-publicly": {
|
|
||||||
"description": "The vulnerability has been disclosed publicly.",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "boolean",
|
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"interest-level-researched-publicly": {
|
|
||||||
"description": "The vulnerability has been researched or documented publicly.",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "boolean",
|
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"interest-level-exploit-sought": {
|
|
||||||
"description": "An exploit for the vulnerability is being sought.",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "boolean",
|
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"activity-location-open-source": {
|
"activity-location-open-source": {
|
||||||
"description": "The vulnerability is being discussed in open source.",
|
"description": "The vulnerability is being discussed in open source.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"activity-location-underground": {
|
|
||||||
"description": "The vulnerability is being discussed in the underground.",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "boolean",
|
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"activity-location-private": {
|
"activity-location-private": {
|
||||||
"description": "The vulnerability is being discussed in private/direct communications.",
|
"description": "The vulnerability is being discussed in private/direct communications.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"exploit-status-available": {
|
"activity-location-underground": {
|
||||||
"description": "Exploit code for the vulnerability is available.",
|
"description": "The vulnerability is being discussed in the underground.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "boolean",
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"exploit-status-weaponized": {
|
"countermeasures": {
|
||||||
"description": "The vulnerability has been used in an attack or has been included in an exploit kit.",
|
"description": "Summary of countermeasures to protect against the vulnerability.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "text",
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"exploit-status-productized": {
|
"cve-id": {
|
||||||
"description": "There is a module for the vulnerability in commercial exploit kits or network security tools.",
|
"description": "The vulnerability's CVE ID.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": false,
|
||||||
"misp-attribute": "boolean",
|
"misp-attribute": "text",
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"exploit-status-not-observed": {
|
|
||||||
"description": "Exploit code or usage has not been observed for the vulnerability.",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "boolean",
|
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"cvss-score-v2": {
|
"cvss-score-v2": {
|
||||||
|
@ -126,12 +42,103 @@
|
||||||
"misp-attribute": "float",
|
"misp-attribute": "float",
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
|
"detection": {
|
||||||
|
"description": "Detection signatures/definitions exist for the vulnerability.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"exploit-status-available": {
|
||||||
|
"description": "Exploit code for the vulnerability is available.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"exploit-status-not-observed": {
|
||||||
|
"description": "Exploit code or usage has not been observed for the vulnerability.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"exploit-status-productized": {
|
||||||
|
"description": "There is a module for the vulnerability in commercial exploit kits or network security tools.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"exploit-status-weaponized": {
|
||||||
|
"description": "The vulnerability has been used in an attack or has been included in an exploit kit.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"interest-level-disclosed-publicly": {
|
||||||
|
"description": "The vulnerability has been disclosed publicly.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"interest-level-exploit-sought": {
|
||||||
|
"description": "An exploit for the vulnerability is being sought.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"interest-level-researched-publicly": {
|
||||||
|
"description": "The vulnerability has been researched or documented publicly.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "boolean",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"modified": {
|
||||||
|
"description": "Last modification date.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "datetime",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
"patch-status": {
|
"patch-status": {
|
||||||
"description": "Availability of a patch for the vulnerability.",
|
"description": "Availability of a patch for the vulnerability.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "text",
|
"misp-attribute": "text",
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
|
"product-name": {
|
||||||
|
"description": "Product name.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"proof-of-concept": {
|
||||||
|
"description": "Proof of concept code or demonstration exists.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"published": {
|
||||||
|
"description": "Initial publication date.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "datetime",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"references": {
|
||||||
|
"description": "External references.",
|
||||||
|
"disable_correlation": false,
|
||||||
|
"misp-attribute": "link",
|
||||||
|
"multiple": true,
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"risk-level": {
|
||||||
|
"description": "Risk level of the vulnerability.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
|
"summary": {
|
||||||
|
"description": "Summary of the vulnerability.",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"ui-priority": 0
|
||||||
|
},
|
||||||
"underground-activity-status": {
|
"underground-activity-status": {
|
||||||
"description": "Indicates if underground activity has been observed for the vulnerability.",
|
"description": "Indicates if underground activity has been observed for the vulnerability.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
|
@ -144,27 +151,20 @@
|
||||||
"misp-attribute": "text",
|
"misp-attribute": "text",
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"detection": {
|
"vendor-name": {
|
||||||
"description": "Detection signatures/definitions exist for the vulnerability.",
|
"description": "Vendor name.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "text",
|
"misp-attribute": "text",
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"references": {
|
"vulnerability-status": {
|
||||||
"description": "External references.",
|
"description": "The status of vulnerability.",
|
||||||
"disable_correlation": false,
|
|
||||||
"misp-attribute": "link",
|
|
||||||
"multiple": true,
|
|
||||||
"ui-priority": 0
|
|
||||||
},
|
|
||||||
"proof-of-concept": {
|
|
||||||
"description": "Proof of concept code or demonstration exists.",
|
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "text",
|
"misp-attribute": "text",
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
},
|
},
|
||||||
"countermeasures": {
|
"vulnerability-type": {
|
||||||
"description": "Summary of countermeasures to protect against the vulnerability.",
|
"description": "The type of vulnerability.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "text",
|
"misp-attribute": "text",
|
||||||
"ui-priority": 0
|
"ui-priority": 0
|
||||||
|
|
Loading…
Reference in New Issue