diff --git a/misp/machinetag.json b/misp/machinetag.json
index e95c60f..5a61033 100755
--- a/misp/machinetag.json
+++ b/misp/machinetag.json
@@ -164,10 +164,6 @@
       "expanded": "API related tag influencing the MISP behavior of the API.",
       "value": "api"
     },
-    {
-      "expanded": "misp2yara export tool",
-      "value": "misp2yara"
-    },
     {
       "description": "Expansion tag incluencing the MISP behavior using expansion modules",
       "expanded": "Expansion",
@@ -199,6 +195,10 @@
       "description": "Tool associated with the information taggged",
       "expanded": "Tool",
       "value": "tool"
+    },
+    {
+      "expanded": "misp2yara export tool",
+      "value": "misp2yara"
     }
   ],
   "version": 9,
diff --git a/rsit/machinetag.json b/rsit/machinetag.json
index d7b212e..c74d3fc 100644
--- a/rsit/machinetag.json
+++ b/rsit/machinetag.json
@@ -206,12 +206,7 @@
           "description": "Publicly accessible services potentially disclosing sensitive information, e.g. SNMP or Redis.",
           "expanded": "Information disclosure",
           "value": "information-disclosure"
-        }
-      ],
-      "predicate": "vulnerable"
-    },
-    {
-      "entry": [
+        },
         {
           "description": "A system which is vulnerable to certain attacks. Example: misconfigured client proxy settings (example: WPAD), outdated operating system version, etc.",
           "expanded": "Vulnerable system",
@@ -298,7 +293,7 @@
       "value": "test"
     }
   ],
-  "version": 2,
+  "version": 3,
   "description": "Reference Security Incident Classification Taxonomy",
   "namespace": "rsit"
 }