CWE

cwe

The CWE object represents a weakness in a software system that can be exploited by a threat actor to perform an attack. The CWE object is based on the Common Weakness Enumeration (CWE) catalog.

Attributes

CaptionNameTypeDescription
CaptioncaptionString

The caption assigned to the Common Weakness Enumeration unique identifier.

Raw Dataraw_dataJSON

Group:context
The event data as received from the event source.

Record IDrecord_idString

Group:primary
Unique identifier for the object

Source URLsrc_urlURL String

Entity:URL_STRING
URL pointing to the CWE Specification. For more information see CWE.

CWE IDuidString

Entity:CWE_ID
The Common Weakness Enumeration unique number assigned to a specific weakness. A CWE Identifier begins "CWE" followed by a sequence of digits that acts as a unique identifier. For example: CWE-123.

UnmappedunmappedUnmapped[]

Data from the source that was not mapped into the schema.

Relationships

CWE shown in context

Inbound Relationships

These objects and events reference CWE in their attributes:

Outbound Relationships

CWE references the following objects and events in its attributes:

This page describes ocsf-1.4.0