VulnerabilityType (Exploit Target Schema)

Characterizes an individual vulnerability.

In addition to capturing basic information and references to vulnerability registries, this type is intended to be extended to enable the structured description of a vulnerability by using the XML Schema extension feature. The STIX default extension uses the Common Vulnerability Reporting Format (CVRF) schema to do so. The extension that defines this is captured in the CVRF1.1InstanceType in the http://stix.mitre.org/extensions/Vulnerability#CVRF1.1-1 namespace. This type is defined in the extensions/vulnerability/cvrf_1.1_vulnerability.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/vulnerability/cvrf_1.1/1.2/cvrf_1.1_vulnerability.xsd.


Fields

Field Name Type Description
@is_known (optional): boolean

The @is_known field captures whether or not the vulnerability is known (i.e. not a 0-day) at the time of characterization.

@is_publicly_acknowledged (optional): boolean

The @is_publicly_acknowledged field captures whether or not the vulnerability is publicly acknowledged by the vendor.

Title (0..1): string

The Title field provides a simple title for this vulnerability.

Description (0..n): StructuredTextType

The Description field provides an unstructured, text description of this vulnerability.

Short_Description (0..n): StructuredTextType

The Short_Description field provides a short, unstructured, text description of this vulnerability.

CVE_ID (0..1): CVE_IDInlineType

The CVE_ID field specifies a CVE identifier for a particular vulnerability.

OSVDB_ID (0..1): positiveInteger

The OSVDB_ID field specifies an OSVDB identifier for a particular vulnerability.

Source (0..1): string

The Source field describes the source of the CVE or OSVDB as a textual description or URL.

CVSS_Score (0..1): CVSSVectorType

The CVSS_Score field captures the full CVSS v2.0 base, temporal, and environmental vectors in their string format.

Discovered_DateTime (0..1): DateTimeWithPrecisionType

The date and time that this vulnerability was first discovered.

Published_DateTime (0..1): DateTimeWithPrecisionType

The date and time that this vulnerability was first published.

Affected_Software (0..1): AffectedSoftwareType

The Affected_Software field captures the list of platforms and software that are affected by this vulnerability. It is implemented through CybOX Observables; the suggested CybOX objects to use are the Product Object, the Device Object, the System Object, and the Code Object.

References (0..1): ReferencesType

The References field captures a list of external references describing this vulnerability.
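
The following is an added example, not part of the STIX schema documentation: a small checker that applies the multiplicities and simple types from the Fields list to one Vulnerability element before it is ingested. The element name et:Vulnerability, the namespace URI, the function name check_vulnerability and all sample values are assumptions or constructed placeholders.

```python
import re
import xml.etree.ElementTree as ET

# Assumption: STIX 1.x Exploit Target namespace; it is not stated on this page.
ET_NS = "http://stix.mitre.org/ExploitTarget-1"
# Multiplicity from the Fields list: True = 0..1, False = 0..n.
FIELDS = {"Title": True, "Description": False, "Short_Description": False,
          "CVE_ID": True, "OSVDB_ID": True, "Source": True, "CVSS_Score": True,
          "Discovered_DateTime": True, "Published_DateTime": True,
          "Affected_Software": True, "References": True}
BOOL_ATTRS = ("is_known", "is_publicly_acknowledged")
XS_BOOLEAN = {"true": True, "1": True, "false": False, "0": False}
CVE_RE = re.compile(r"CVE-[0-9]{4}-[0-9]{4,}")  # public CVE identifier syntax

# Constructed sample; the CVE and OSVDB values are placeholders, not real entries.
SAMPLE = f"""<et:Vulnerability xmlns:et="{ET_NS}" is_known="true" is_publicly_acknowledged="false">
  <et:Title>Constructed sample vulnerability</et:Title>
  <et:Description>Longer free-text description.</et:Description>
  <et:CVE_ID>CVE-0000-0000</et:CVE_ID>
  <et:OSVDB_ID>1</et:OSVDB_ID>
  <et:Source>https://example.org/advisory</et:Source>
</et:Vulnerability>"""

def check_vulnerability(xml_text):
    """Return (summary, problems) for one Vulnerability element."""
    # For untrusted feeds, parse with a hardened parser such as defusedxml.
    root = ET.fromstring(xml_text)
    summary = {a: XS_BOOLEAN.get(root.get(a)) for a in BOOL_ATTRS}
    problems = [f"@{a} is not an xs:boolean" for a in BOOL_ATTRS
                if root.get(a) is not None and root.get(a) not in XS_BOOLEAN]
    prefix, seen = "{%s}" % ET_NS, {}
    for child in root:
        name = child.tag[len(prefix):] if child.tag.startswith(prefix) else None
        if name not in FIELDS:
            # Extension content (e.g. CVRF) lands here; review it separately.
            problems.append(f"{child.tag} is not in the base field list")
            continue
        seen[name] = seen.get(name, 0) + 1
        summary.setdefault(name, (child.text or "").strip())
    problems += [f"{n} occurs {c} times, limit is 0..1"
                 for n, c in seen.items() if FIELDS[n] and c > 1]
    cve, osvdb = summary.get("CVE_ID"), summary.get("OSVDB_ID")
    if cve is not None and not CVE_RE.fullmatch(cve):
        problems.append("CVE_ID is not a well-formed CVE identifier")
    if osvdb is not None and not (re.fullmatch(r"\+?[0-9]+", osvdb) and int(osvdb) > 0):
        problems.append("OSVDB_ID is not a positive integer")
    return summary, problems
```

The checker covers only the constraints visible in the field list; full validation still requires the XSD files named above.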