Vulnerability Details

vulnerability

The vulnerability is an unintended characteristic of a computing component or system configuration that multiplies the risk of an adverse event or a loss occurring either due to accidental exposure, deliberate attack, or conflict with new system components.

Attributes

CaptionNameTypeDescription
Security Advisory advisory Advisory[] Detail about the security advisory, that is used to publicly disclose cybersecurity vulnerabilities by a vendor.
Affected Code affected_code Affected Code[] List of Affected Code objects that describe details about code blocks identified as vulnerable.
Affected Software Packages affected_packages Affected Software Package[] List of software packages identified as affected by a vulnerability/vulnerabilities.
CVE cve CVE[] Describes the Common Vulnerabilities and Exposures (CVE) details related to the vulnerability.
CWE cwe CWE[] Describes the Common Weakness Enumeration (CWE) details related to the vulnerability.
Description desc String The description of the vulnerability.
Exploit Last Seen Time exploit_last_seen_time Timestamp The time when the exploit was most recently observed.
First Seen first_seen_time Timestamp The time when the vulnerability was first observed.
Fix Availability fix_available Boolean Indicates if a fix is available for the reported vulnerability.

🚧 WARNING: DEPRECATED

Fix Availability has been deprecated since 1.1.0. Use the is_fix_available attribute instead.

Exploit Availability is_exploit_available Boolean Indicates if an exploit or a PoC (proof-of-concept) is available for the reported vulnerability.
Fix Availability is_fix_available Boolean Indicates if a fix is available for the reported vulnerability.
Knowledgebase Articles kb_article_list KB Article[] A list of KB articles or patches related to an endpoint. A KB Article contains metadata that describes the patch or an update.

🚧 WARNING: DEPRECATED

Knowledgebase Articles has been deprecated since 1.4.0. Use advisory attribute instead.

Knowledgebase Articles kb_articles String[] The KB article/s related to the entity. A KB Article contains metadata that describes the patch or an update.

🚧 WARNING: DEPRECATED

Knowledgebase Articles has been deprecated since 1.1.0. Use the kb_article_list attribute instead.

Last Seen last_seen_time Timestamp The time when the vulnerability was most recently observed.
Software Packages packages Software Package[] List of vulnerable packages as identified by the security product

🚧 WARNING: DEPRECATED

Software Packages has been deprecated since 1.1.0. Use the affected_packages attribute instead.

Raw Data raw_data JSON Group:context
The event data as received from the event source.
Record ID record_id String Group:primary
Unique identifier for the object
References references String[] A list of reference URLs with additional information about the vulnerability.
Remediation Guidance remediation Remediation[] The remediation recommendations on how to mitigate the identified vulnerability.
Severity severity String The vendor assigned severity of the vulnerability.
Title title String A title or a brief phrase summarizing the discovered vulnerability.
Unmapped unmapped Unmapped[] Data from the source that was not mapped into the schema.
Vendor Name vendor_name String The name of the vendor that identified the vulnerability.

Relationships

Vulnerability Details shown in context

Inbound Relationships

These objects and events reference Vulnerability Details in their attributes:

Outbound Relationships

Vulnerability Details references the following objects and events in its attributes:

This page describes ocsf-1.4.0