Advisory
advisory
The Advisory object represents publicly disclosed cybersecurity vulnerabilities defined in a Secruity advisory. e.g. Microsoft KB Article, Apple Security Advisory
Attributes
| Caption | Name | Type | Description |
|---|---|---|---|
| Average Timespan | avg_timespan |
Time Span[] | The average time to patch. |
| Patch Bulletin | bulletin |
String | The Advisory bulletin identifier. |
| Classification | classification |
String | The vendors classification of the Advisory. |
| Created Time | created_time |
Timestamp | The time when the Advisory record was created. |
| Description | desc |
String | A brief description of the Advisory Record. |
| Install State | install_state |
String | The install state of the Advisory. |
| Install State ID | install_state_id |
Integer |
The normalized install state ID of the Advisory.
|
| The patch is superseded. | is_superseded |
Boolean | The Advisory has been replaced by another. |
| Modified Time | modified_time |
Timestamp | The time when the Advisory record was last updated. |
| OS | os |
Operating System (OS)[] | The operating system the Advisory applies to. |
| Product | product |
Product[] | The product where the vulnerability was discovered. |
| Raw Data | raw_data |
JSON |
Group:contextThe event data as received from the event source. |
| Record ID | record_id |
String |
Group:primaryUnique identifier for the object |
| References | references |
String[] | A list of reference URLs with additional information about the vulnerabilities disclosed in the Advisory. |
| Related CVEs | related_cves |
CVE[] | A list of Common Vulnerabilities and Exposures (CVE) identifiers related to the vulnerabilities disclosed in the Advisory. |
| Related CWEs | related_cwes |
CWE[] | A list of Common Weakness Enumeration (CWE) identifiers related to the vulnerabilities disclosed in the Advisory. |
| Size | size |
Long | The size in bytes for the Advisory. Usually populated for a KB Article patch. |
| Source URL | src_url |
URL String |
Entity:URL_STRINGThe Advisory link from the source vendor. |
| Title | title |
String | A title or a brief phrase summarizing the Advisory. |
| Advisory ID | uid |
String | The unique number assigned to the disclosed vulnerability. |
| Unmapped | unmapped |
Unmapped[] | Data from the source that was not mapped into the schema. |
Relationships
Inbound Relationships
These objects and events reference Advisory in their attributes:
Outbound Relationships
Advisory references the following objects and events in its attributes:
This page describes ocsf-1.4.0
Updated 9 days ago