misp-objects/objects/intel471-vulnerability-inte.../definition.json

233 lines
6.6 KiB
JSON

{
"attributes": {
"activity-location-open-source": {
"description": "The vulnerability is being discussed in open source.",
"disable_correlation": true,
"misp-attribute": "boolean",
"sane_default": [
"True",
"False"
],
"ui-priority": 0
},
"activity-location-private": {
"description": "The vulnerability is being discussed in private/direct communications.",
"disable_correlation": true,
"misp-attribute": "boolean",
"sane_default": [
"True",
"False"
],
"ui-priority": 0
},
"activity-location-underground": {
"description": "The vulnerability is being discussed in the underground.",
"disable_correlation": true,
"misp-attribute": "boolean",
"sane_default": [
"True",
"False"
],
"ui-priority": 0
},
"countermeasures": {
"description": "Summary of countermeasures to protect against the vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"cve-id": {
"description": "The vulnerability's CVE ID.",
"disable_correlation": false,
"misp-attribute": "text",
"ui-priority": 0
},
"cvss-score-v2": {
"description": "CVSS score (version 2).",
"disable_correlation": true,
"misp-attribute": "float",
"ui-priority": 0
},
"cvss-score-v3": {
"description": "CVSS score (version 3).",
"disable_correlation": true,
"misp-attribute": "float",
"ui-priority": 0
},
"detection": {
"description": "Detection signatures/definitions exist for the vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"exploit-status-available": {
"description": "Exploit code for the vulnerability is available.",
"disable_correlation": true,
"misp-attribute": "boolean",
"sane_default": [
"True",
"False"
],
"ui-priority": 0
},
"exploit-status-not-observed": {
"description": "Exploit code or usage has not been observed for the vulnerability.",
"disable_correlation": true,
"misp-attribute": "boolean",
"sane_default": [
"True",
"False"
],
"ui-priority": 0
},
"exploit-status-productized": {
"description": "There is a module for the vulnerability in commercial exploit kits or network security tools.",
"disable_correlation": true,
"misp-attribute": "boolean",
"sane_default": [
"True",
"False"
],
"ui-priority": 0
},
"exploit-status-weaponized": {
"description": "The vulnerability has been used in an attack or has been included in an exploit kit.",
"disable_correlation": true,
"misp-attribute": "boolean",
"sane_default": [
"True",
"False"
],
"ui-priority": 0
},
"interest-level-disclosed-publicly": {
"description": "The vulnerability has been disclosed publicly.",
"disable_correlation": true,
"misp-attribute": "boolean",
"sane_default": [
"True",
"False"
],
"ui-priority": 0
},
"interest-level-exploit-sought": {
"description": "An exploit for the vulnerability is being sought.",
"disable_correlation": true,
"misp-attribute": "boolean",
"sane_default": [
"True",
"False"
],
"ui-priority": 0
},
"interest-level-researched-publicly": {
"description": "The vulnerability has been researched or documented publicly.",
"disable_correlation": true,
"misp-attribute": "boolean",
"sane_default": [
"True",
"False"
],
"ui-priority": 0
},
"modified": {
"description": "Last modification date.",
"disable_correlation": true,
"misp-attribute": "datetime",
"ui-priority": 0
},
"patch-status": {
"description": "Availability of a patch for the vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"product-name": {
"description": "Product name.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"proof-of-concept": {
"description": "Proof of concept code or demonstration exists.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"published": {
"description": "Initial publication date.",
"disable_correlation": true,
"misp-attribute": "datetime",
"ui-priority": 0
},
"references": {
"description": "External references.",
"disable_correlation": false,
"misp-attribute": "link",
"multiple": true,
"ui-priority": 0
},
"risk-level": {
"description": "Risk level of the vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"summary": {
"description": "Summary of the vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"underground-activity-status": {
"description": "Indicates if underground activity has been observed for the vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"underground-activity-summary": {
"description": "Description of underground activity related to the vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"vendor-name": {
"description": "Vendor name.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"vulnerability-status": {
"description": "The status of vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"vulnerability-type": {
"description": "The type of vulnerability.",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0
},
"vulnerable-configuration": {
"description": "Vulnerable configuration in CPE format.",
"disable_correlation": false,
"misp-attribute": "text",
"multiple": true,
"ui-priority": 0
}
},
"description": "Intel 471 vulnerability intelligence object.",
"meta-category": "vulnerability",
"name": "intel471-vulnerability-intelligence",
"requiredOneOf": [
"published",
"modified",
"references",
"vulnerable-configuration",
"summary",
"cve-id"
],
"uuid": "8f8ee946-1383-4139-b4da-ad8c5aceac07",
"version": 5
}