Vulnerability
Fields to describe the vulnerability relevant to an event.
Fields
Field Summary
| Field | Type | Level | Description |
|---|---|---|---|
| vulnerability.category | keyword | Extended | Category of a vulnerability. |
| vulnerability.classification | keyword | Extended | Classification of the vulnerability. |
| vulnerability.description | keyword | Extended | Description of the vulnerability. |
| vulnerability.description.text | match_only_text | Extended | Description of the vulnerability. |
| vulnerability.enumeration | keyword | Extended | Identifier of the vulnerability. |
| vulnerability.id | keyword | Extended | ID of the vulnerability. |
| vulnerability.reference | keyword | Extended | Reference of the vulnerability. |
| vulnerability.report_id | keyword | Extended | Scan identification number. |
| vulnerability.scanner.vendor | keyword | Extended | Name of the scanner vendor. |
| vulnerability.score.base | float | Extended | Vulnerability Base score. |
| vulnerability.score.environmental | float | Extended | Vulnerability Environmental score. |
| vulnerability.score.temporal | float | Extended | Vulnerability Temporal score. |
| vulnerability.score.version | keyword | Extended | CVSS version. |
| vulnerability.severity | keyword | Extended | Severity of the vulnerability. |
Field Details
vulnerability.category
Type: keyword
Level: Extended
Description: Category of a vulnerability.
Example: ["Firewall"]
Normalization: array
Indexed: true
vulnerability.classification
Type: keyword
Level: Extended
Description: Classification of the vulnerability.
Example: CVSS
Indexed: true
vulnerability.description
Type: keyword
Level: Extended
Description: Description of the vulnerability.
Example: In macOS before 2.12.6, there is a vulnerability in the RPC...
Indexed: true
vulnerability.description.text
Type: match_only_text
Level: Extended
Description: Description of the vulnerability.
Example: In macOS before 2.12.6, there is a vulnerability in the RPC...
Indexed: true
vulnerability.enumeration
Type: keyword
Level: Extended
Description: Identifier of the vulnerability.
Example: CVE
Indexed: true
vulnerability.id
Type: keyword
Level: Extended
Description: ID of the vulnerability.
Example: CVE-2019-00001
Indexed: true
vulnerability.reference
Type: keyword
Level: Extended
Description: Reference of the vulnerability.
Example: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
Indexed: true
vulnerability.report_id
Type: keyword
Level: Extended
Description: Scan identification number.
Example: 20191018.0001
Indexed: true
vulnerability.scanner.vendor
Type: keyword
Level: Extended
Description: Name of the scanner vendor.
Example: Tenable
Indexed: true
vulnerability.score.base
Type: float
Level: Extended
Description: Vulnerability Base score.
Example: 5.5
Indexed: true
vulnerability.score.environmental
Type: float
Level: Extended
Description: Vulnerability Environmental score.
Example: 5.5
Indexed: true
vulnerability.score.temporal
Type: float
Level: Extended
Description: Vulnerability Temporal score.
Indexed: true
vulnerability.score.version
Type: keyword
Level: Extended
Description: CVSS version.
Example: 2.0
Indexed: true
vulnerability.severity
Type: keyword
Level: Extended
Description: Severity of the vulnerability.
Example: Critical
Indexed: true