ExploitTargetTypeExploit Target Schema

Represents a single STIX Exploit Target.

ExploitTargets are vulnerabilities or weaknesses in software, systems, networks or configurations that are targeted for exploitation by the TTP of a ThreatActor. In a structured sense, ExploitTargets consist of vulnerability identifications or characterizations, weakness identifications or characterizations, configuration identifications or characterizations, potential Courses of Action, source of the ExploitTarget information, handling guidance, etc.


Fields

Field Name Type Description
@idoptional QName

Specifies a globally unique identifier for this ExploitTarget.

@idrefoptional QName

Specifies a globally unique identifier of an ExploitTarget specified elsewhere.

When idref is specified, the id attribute must not be specified, and any instance of this ExploitTarget should not hold content.

@timestampoptional dateTime

Specifies a timestamp for the definition of a specific version of an ExploitTarget When used in conjunction with the id, this field is specifying the definition time for the specific version of the ExploitTarget. When used in conjunction with the idref, this field is specifying a reference to a specific version of an ExploitTarget defined elsewhere. This field has no defined semantic meaning if used in the absence of either the id or idref fields.

@versionoptional ExploitTargetVersionType

Specifies the relevant STIX-ExploitTarget schema version for this content.

Title0..1 string

The Title field provides a simple title for this ExploitTarget.

Description0..n StructuredTextType

The Description field is optional and provides an unstructured, text description of this ExploitTarget.

Short_Description0..n StructuredTextType

The Short_Description field is optional and provides a short, unstructured, text description of this ExploitTarget.

Vulnerability0..n VulnerabilityType

The Vulnerability field identifies and characterizes a Vulnerability as a potential ExploitTarget.

Weakness0..n WeaknessType

The Weakness field identifies and characterizes a Weakness as a potential ExploitTarget.

Configuration0..n ConfigurationType

The Configuration field identifies and characterizes a Configuration as a potential ExploitTarget.

Potential_COAs0..1 PotentialCOAsType

The Potential_COAs field specifies potential Courses of Action for this ExploitTarget.

Information_Source0..1 InformationSourceType

The Information_Source field details the source of this entry.

Handling0..1 MarkingType

The Handling field specifies the appropriate data handling markings for the elements of this Exploit Target. The valid marking scope is the nearest ExploitTargetBaseType ancestor of this Handling element and all its descendants.

Related_Exploit_Targets0..1 RelatedExploitTargetsType

The Related_Exploit_Targets field specifies one or more exploit targets that are related to this exploit target.

Related_Packages0..1 RelatedPackageRefsType

The Related_Packages field identifies or characterizes relationships to set of related Packages.

DEPRECATED: This field is deprecated and will be removed in the next major version of STIX. Its use is strongly discouraged except for legacy applications.