Represents a single STIX Exploit Target.
ExploitTargets are vulnerabilities or weaknesses in software, systems, networks or configurations that are targeted for exploitation by the TTP of a ThreatActor. In a structured sense, ExploitTargets consist of vulnerability identifications or characterizations, weakness identifications or characterizations, configuration identifications or characterizations, potential Courses of Action, source of the ExploitTarget information, handling guidance, etc.
| Field Name | Type | Description |
|---|---|---|
| @idoptional | QName |
Specifies a globally unique identifier for this ExploitTarget. |
| @idrefoptional | QName |
Specifies a globally unique identifier of an ExploitTarget specified elsewhere. When idref is specified, the id attribute must not be specified, and any instance of this ExploitTarget should not hold content. |
| @timestampoptional | dateTime |
Specifies a timestamp for the definition of a specific version of an ExploitTarget When used in conjunction with the id, this field is specifying the definition time for the specific version of the ExploitTarget. When used in conjunction with the idref, this field is specifying a reference to a specific version of an ExploitTarget defined elsewhere. This field has no defined semantic meaning if used in the absence of either the id or idref fields. |
| @versionoptional | ExploitTargetVersionType |
Specifies the relevant STIX-ExploitTarget schema version for this content. |
| Title0..1 | string |
The Title field provides a simple title for this ExploitTarget. |
| Description0..n | StructuredTextType |
The Description field is optional and provides an unstructured, text description of this ExploitTarget. |
| Short_Description0..n | StructuredTextType |
The Short_Description field is optional and provides a short, unstructured, text description of this ExploitTarget. |
| Vulnerability0..n | VulnerabilityType |
The Vulnerability field identifies and characterizes a Vulnerability as a potential ExploitTarget. |
| Weakness0..n | WeaknessType |
The Weakness field identifies and characterizes a Weakness as a potential ExploitTarget. |
| Configuration0..n | ConfigurationType |
The Configuration field identifies and characterizes a Configuration as a potential ExploitTarget. |
| Potential_COAs0..1 | PotentialCOAsType |
The Potential_COAs field specifies potential Courses of Action for this ExploitTarget. |
| Information_Source0..1 | InformationSourceType |
The Information_Source field details the source of this entry. |
| Handling0..1 | MarkingType |
The Handling field specifies the appropriate data handling markings for the elements of this Exploit Target. The valid marking scope is the nearest ExploitTargetBaseType ancestor of this Handling element and all its descendants. |
| Related_Exploit_Targets0..1 | RelatedExploitTargetsType |
The Related_Exploit_Targets field specifies one or more exploit targets that are related to this exploit target. |
| Related_Packages0..1 | RelatedPackageRefsType |
The Related_Packages field identifies or characterizes relationships to set of related Packages. DEPRECATED: This field is deprecated and will be removed in the next major version of STIX. Its use is strongly discouraged except for legacy applications. |
