Vulnerability Identifier Object

Examples include a knowledge base article number, patch number, a bug tracking database identifier or a common identifier such as a Common Vulnerabilities and Exposures (CVE) identifier. A CVE is a widely adopted identifier used across many organizations.

Properties

A vulnerability identifier has the following properties.

Scheme

Name scheme

Cardinality one

Description a namespace and/or scheme to identify the rules regarding how a given vulnerability identifier should be enumerated.

The scheme value MUST be an absolute URI as specified by RFC 3986 section 4.3.

Value

Name value

Cardinality one

Description The vulnerability identifier based on the identification scheme.

The value MUST be based on the lexical space of a string as defined by ECMA-404 2nd edition, section 9.

Relationships

None.

Example

{
 "hasIdentity": [
    {
     "scheme": "http://cve.mitre.org",
     "value": "CVE-2050-1234"
    }
 ]
}

Graph View

Vulnerability Identifier Graph