MISP
/
misp-taxonomies
mirror of https://github.com/MISP/misp-taxonomies
2
0
Fork 0
Code Issues Releases Wiki Activity
misp-taxonomies/vulnerability/machinetag.json

67 lines
2.2 KiB
JSON
Raw Permalink Blame History

{
"namespace": "vulnerability",
"expanded": "vulnerability",
"description": "A taxonomy for describing vulnerabilities (software, hardware, or social) on different scales or with additional available information.",
"version": 1,
"predicates": [
{
"value": "exploitability",
"expanded": "Exploitability",
"description": "Quantification of attack exploitability, providing a level of exploitation for the identified vulnerability.",
"exclusive": true
},
{
"value": "information",
"expanded": "Information",
"description": "Complementary information related to the vulnerability."
}
],
"values": [
{
"predicate": "exploitability",
"entry": [
{
"value": "industrialised",
"expanded": "Industrialised",
"description": "Existing vulnerability with detailed attack methods; multiple tools are available for exploitation."
},
{
"value": "customised",
"expanded": "Customised",
"description": "Existing vulnerability with a detailed attack approach and one known custom tool available for exploitation."
},
{
"value": "documented",
"expanded": "Documented",
"description": "Existing vulnerability is documented with an attack approach, but tools for exploitation are not available."
},
{
"value": "theoretical",
"expanded": "Theoretical",
"description": "Publication describes a theoretical but no actual vulnerability is reported."
}
]
},
{
"predicate": "information",
"entry": [
{
"value": "PoC",
"expanded": "Proof-of-Concept",
"description": "Reference to a proof-of-concept for exploiting the vulnerability."
},
{
"value": "remediation",
"expanded": "Remediation",
"description": "Remediation to limit or block the exploitability of the vulnerability."
},
{
"value": "annotation",
"expanded": "Annotation",
"description": "Annotation or clarification to a vulnerability."
}
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink