new: [vulnerability] first version of a taxonomy for vulnerabilities

This taxonomy is originally maintained by MISP project and done for the vulnerability-lookup project https://github.com/cve-search/vulnerability-lookup The taxonomy will be extended and improved. Contributions are also very welcome. Thanks to @cedricbonhomme for the original discussions.
2024-08-30 09:27:41 +02:00 · 2024-08-30 09:27:41 +02:00 · e1a1d055a9
parent 15efab5d89
commit e1a1d055a9
1 changed files with 66 additions and 0 deletions
--- a/vulnerability/machinetag.json
+++ b/vulnerability/machinetag.json
@ -0,0 +1,66 @@
+{
+  "namespace": "vulnerability",
+  "expanded": "vulnerability",
+  "description": "A taxonomy for describing vulnerabilities (software, hardware, or social) on different scales or with additional available information.",
+  "version": 1,
+  "predicates": [
+    {
+      "value": "exploitability",
+      "expanded": "Exploitability",
+      "description": "Quantification of attack exploitability, providing a level of exploitation for the identified vulnerability.",
+      "exclusive": true
+    },
+    {
+      "value": "information",
+      "expanded": "Information",
+      "description": "Complementary information related to the vulnerability."
+    }
+  ],
+  "values": [
+    {
+      "predicate": "exploitability",
+      "entry": [
+        {
+          "value": "industrialised",
+          "expanded": "Industrialised",
+          "description": "Existing vulnerability with detailed attack methods; multiple tools are available for exploitation."
+        },
+        {
+          "value": "customised",
+          "expanded": "Customised",
+          "description": "Existing vulnerability with a detailed attack approach and one known custom tool available for exploitation."
+        },
+        {
+          "value": "documented",
+          "expanded": "Documented",
+          "description": "Existing vulnerability is documented with an attack approach, but tools for exploitation are not available."
+        },
+        {
+          "value": "theoretical",
+          "expanded": "Theoretical",
+          "description": "Publication describes a theoretical but no actual vulnerability is reported."
+        }
+      ]
+    },
+    {
+      "predicate": "information",
+      "entry": [
+        {
+          "value": "PoC",
+          "expanded": "Proof-of-Concept",
+          "description": "Reference to a proof-of-concept for exploiting the vulnerability."
+        },
+        {
+          "value": "remediation",
+          "expanded": "Remediation",
+          "description": "Remediation to limit or block the exploitability of the vulnerability."
+        },
+        {
+          "value": "annotation",
+          "expanded": "Annotation",
+          "description": "Annotation or clarification to a vulnerability."
+        }
+      ]
+    }
+  ]
+}