• Home
• org.mitre
• stix
• 1.2.0.1
• source code
• exploit_target.xsd

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

schemas.v1.2.0.exploit_target.xsd Maven / Gradle / Ivy

	
		This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org. 
		
			STIX Exploit Target
			1.2
			05/15/2015 9:00:00 AM
			Structured Threat Information eXpression (STIX) - ExploitTarget - Schematic implementation for the ExploitTarget construct within the STIX structured cyber threat expression language architecture
			Copyright (c) 2012-2015, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the STIX License located at http://stix.mitre.org/about/termsofuse.html. See the STIX License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the STIX Schema, this license header must be included. 
		
	
	
	
	
	
		
			The ExploitTarget field characterizes potential targets for exploitation. In other words characteristics about targeted victims that may make them vulnerable to attack.
		
	
	
		
			Represents a single STIX Exploit Target.
			ExploitTargets are vulnerabilities or weaknesses in software, systems, networks or configurations that are targeted for exploitation by the TTP of a ThreatActor. In a structured sense, ExploitTargets consist of vulnerability identifications or characterizations, weakness identifications or characterizations, configuration identifications or characterizations, potential Courses of Action, source of the ExploitTarget information, handling guidance, etc.
		
		
			
				
					
						
							The Title field provides a simple title for this ExploitTarget.
						
					
					
						
							The Description field is optional and provides an unstructured, text description of this ExploitTarget.
						
					
					
						
							The Short_Description field is optional and provides a short, unstructured, text description of this ExploitTarget.
						
					
					
						
							The Vulnerability field identifies and characterizes a Vulnerability as a potential ExploitTarget.
						
					
					
						
							The Weakness field identifies and characterizes a Weakness as a potential ExploitTarget.
						
					
					
						
							The Configuration field identifies and characterizes a Configuration as a potential ExploitTarget.
						
					
					
						
							The Potential_COAs field specifies potential Courses of Action for this ExploitTarget.
						
					
					
						
							The Information_Source field details the source of this entry.
						
					
					
						
							The Handling field specifies the appropriate data handling markings for the elements of this Exploit Target. The valid marking scope is the nearest ExploitTargetBaseType ancestor of this Handling element and all its descendants.
						
					
					
						
							The Related_Exploit_Targets field specifies one or more exploit targets that are related to this exploit target.
						
					
					
						
							The Related_Packages field identifies or characterizes relationships to set of related Packages.
							DEPRECATED: This field is deprecated and will be removed in the next major version of STIX. Its use is strongly discouraged except for legacy applications.
							
								true
							
						
					
				
				
					
						Specifies the relevant STIX-ExploitTarget schema version for this content.
					
				
			
		
	
	
	
		
			An enumeration of all versions of the Exploit Target type valid in the current release of STIX.
		
		
			
			
			
			
			
		
	
	
		
			Characterizes an individual vulnerability.
			In addition to capturing basic information and references to vulnerability registries, this type is intended to be extended to enable the structured description of a vulnerability by using the XML Schema extension feature. The STIX default extension uses the Common Vulnerability Reporting Format (CVRF) schema to do so. The extension that defines this is captured in the CVRF1.1InstanceType in the http://stix.mitre.org/extensions/Vulnerability#CVRF1.1-1 namespace. This type is defined in the extensions/vulnerability/cvrf_1.1_vulnerability.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/vulnerability/cvrf_1.1/1.2/cvrf_1.1_vulnerability.xsd.
		
		
			
				
					The Title field provides a simple title for this vulnerability.
				
			
			
				
					The Description field provides an unstructured, text description of this vulnerability.
				
			
			
				
					The Short_Description field provides a short, unstructured, text description of this vulnerability.
				
			
			
				
					The CVE_ID field specifies a CVE identifier for a particular vulnerability.
				
				
					
						
					
				
			
			
				
					The OSVDB_ID field specifies an OSVDB identifier for a particular vulnerability.
				
			
			
				
					The Source field describes the source of the CVE or OSVDB as a textual description or URL.
				
			
			
				
					The CVSS_Score field captures the full CVSS v2.0 base, temporal, and environmental vectors in their string format.
				
			
			
				
					The date and time that this vulnerability was first discovered.
				
			
			
				
					The date and time that this vulnerability was first published.
				
			
			
				
					The Affected_Software field captures the list of platforms and software that are affected by this vulnerability. It is implemented through the CybOX Observables, the suggested CybOX objects to use are the Product Object, the Device Object, the System Object, and the Code Object.
				
			
			
				
					The References field captures a list of external references describing this vulnerability.
				
			
		
		
			
				The @is_known field captures whether or not the vulnerability is known (i.e. not a 0-day) at the time of characterization.
			
		
		
			
				The @is_publicly_acknowledged field captures whether or not the vulnerability is publicly acknowledged by the vendor.
			
		
	
	
		
			
				
					
						
							The Potential_COA field specifies a potential Course of Action for this ExploitTarget.
						
					
				
			
		
	
	
		
			
				
					The Description field is optional and provides an unstructured, text description of this Configuration.
				
			
			
				
					The Short_Description field is optional and provides a short, unstructured, text description of this Configuration.
				
			
			
				
					The CCE_ID field is optional and specifies a CCE identifier for a particular configuration item.
				
				
					
						
					
				
			
		
	
	
		
			
				
					The Description field is optional and provides an unstructured, text description of this Weakness.
				
			
			
				
					The CWE_ID element is optional and specifies a CWE identifier for a particular weakness.
				
				
					
						
					
				
			
		
	
	
		
			
				
					
						
							Characterizes a single instance of software affected by this vulnerability.
						
					
				
			
		
	
	
		
			
				
					Captures the overall CVSS 2.0 score. Note that this is not the same as the unadjusted CVSS Base Score, which should be captured in the Base_Score field.
				
			
			
				
					Captures the unadjusted CVSS 2.0 Base score.
				
			
			
				
					Captures the CVSS 2.0 Base Vector per the compressed string format.
				
			
			
				
					Captures the unadjusted CVSS 2.0 Temporal score.
				
			
			
				
					Captures the CVSS 2.0 Temporal Vector per the compressed string format.
				
			
			
				
					Captures the unadjusted CVSS 2.0 Environmental score.
				
			
			
				
					Captures the CVSS 2.0 Environmental Vector in the compressed string format.
				
			
		
	
	
		
			
		
	
	
		
			
		
	
	
		
			
		
	
	
		
			
		
	
	
		
			
				
					
						
							The Related_Exploit_Target field specifies a single other exploit target related to this exploit target.