new: [vulnerability] first version of a taxonomy for vulnerabilities

This taxonomy is originally maintained by MISP project and done for the vulnerability-lookup project https://github.com/cve-search/vulnerability-lookup The taxonomy will be extended and improved. Contributions are also very welcome. Thanks to @cedricbonhomme for the original discussions.
MISP · Aug 30, 2024 · e1a1d05 · e1a1d05 · cedricbonhomme · Aug 30, 2024
1 parent 15efab5
commit e1a1d05
Showing 1 changed file with 66 additions and 0 deletions.
diff --git a/vulnerability/machinetag.json b/vulnerability/machinetag.json
@@ -0,0 +1,66 @@
+{
+  "namespace": "vulnerability",
+  "expanded": "vulnerability",
+  "description": "A taxonomy for describing vulnerabilities (software, hardware, or social) on different scales or with additional available information.",
+  "version": 1,
+  "predicates": [
+    {
+      "value": "exploitability",
+      "expanded": "Exploitability",
+      "description": "Quantification of attack exploitability, providing a level of exploitation for the identified vulnerability.",
+      "exclusive": true
+    },
+    {
+      "value": "information",
+      "expanded": "Information",
+      "description": "Complementary information related to the vulnerability."
+    }
+  ],
+  "values": [
+    {
+      "predicate": "exploitability",
+      "entry": [
+        {
+          "value": "industrialised",
+          "expanded": "Industrialised",
+          "description": "Existing vulnerability with detailed attack methods; multiple tools are available for exploitation."
+        },
+        {
+          "value": "customised",
+          "expanded": "Customised",
+          "description": "Existing vulnerability with a detailed attack approach and one known custom tool available for exploitation."
+        },
+        {
+          "value": "documented",
+          "expanded": "Documented",
+          "description": "Existing vulnerability is documented with an attack approach, but tools for exploitation are not available."
+        },
+        {
+          "value": "theoretical",
+          "expanded": "Theoretical",
+          "description": "Publication describes a theoretical but no actual vulnerability is reported."
+        }
+      ]
+    },
+    {
+      "predicate": "information",
+      "entry": [
+        {
+          "value": "PoC",
+          "expanded": "Proof-of-Concept",
+          "description": "Reference to a proof-of-concept for exploiting the vulnerability."
+        },
+        {
+          "value": "remediation",
+          "expanded": "Remediation",
+          "description": "Remediation to limit or block the exploitability of the vulnerability."
+        },
+        {
+          "value": "annotation",
+          "expanded": "Annotation",
+          "description": "Annotation or clarification to a vulnerability."
+        }
+      ]
+    }
+  ]
+}