scoutTHREAT - Vulnerability Objects
Written by Benjamin Dewey
Updated over a week ago

A Vulnerability is an Intelligence Object sharing many Relationships with other objects.

According to STIX Version 2.1, a Vulnerability is a weakness or defect in the requirements, designs, or implementations of the computational logic (e.g., code) found in software and some hardware components (e.g., firmware) that can be directly exploited to negatively impact the confidentiality, integrity, or availability of that system.

Common Vulnerabilities and Exposures (CVE) is a database of information security vulnerabilities and exposures that provides common names for publicly known problems. For example, if a piece of malware exploits CVE-2015-12345, a Malware object could be linked to a Vulnerability object that references CVE-2015-12345.

Did this answer your question?