Showing:

Annotations
Attributes
Diagrams
Facets
Source
Used by
Imported schema exploit_target.xsd
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
This schema was originally developed by The MITRE Corporation. The STIX XML Schema implementation is maintained by The MITRE Corporation and developed by the open STIX Community. For more information, including how to get involved in the effort and how to submit change requests, please visit the STIX website at http://stix.mitre.org.
Element et:VulnerabilityType / et:Title
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Title field provides a simple title for this vulnerability.
Diagram
Diagram
Type xs:string
Source
<xs:element name="Title" type="xs:string" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The Title field provides a simple title for this vulnerability.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:VulnerabilityType / et:Description
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Description field provides an unstructured, text description of this vulnerability.
Diagram
Diagram stix_common_xsd.tmp#StructuredTextType_id stix_common_xsd.tmp#StructuredTextType_ordinality stix_common_xsd.tmp#StructuredTextType_structuring_format stix_common_xsd.tmp#StructuredTextType
Type stixCommon:StructuredTextType
Attributes
QName Type Use Annotation
id xs:QName optional
Specifies a globally unique identifier for this Description.
ordinality xs:positiveInteger optional
Specifies the intended order position of this construct instance (e.g. Description) within a set of potentially multiple peer construct instances. If only a single construct instance is present its ordinality can be assumed to be 1. If multiple construct instances are present, the ordinality field should be specified with unique values for each instance.
structuring_format xs:string optional
Used to indicate a particular structuring format (e.g., HTML5) used within an instance of StructuredTextType. Note that if the markup tags used by this format would be interpreted as XML information (such as the bracket-based tags of HTML) the text area should be enclosed in a CDATA section to prevent the markup from interferring with XML validation of the STIX document. If this attribute is absent, the implication is that no markup is being used.
Source
<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0" maxOccurs="unbounded">
  <xs:annotation>
    <xs:documentation>The Description field provides an unstructured, text description of this vulnerability.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:VulnerabilityType / et:Short_Description
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Short_Description field provides a short, unstructured, text description of this vulnerability.
Diagram
Diagram stix_common_xsd.tmp#StructuredTextType_id stix_common_xsd.tmp#StructuredTextType_ordinality stix_common_xsd.tmp#StructuredTextType_structuring_format stix_common_xsd.tmp#StructuredTextType
Type stixCommon:StructuredTextType
Attributes
QName Type Use Annotation
id xs:QName optional
Specifies a globally unique identifier for this Description.
ordinality xs:positiveInteger optional
Specifies the intended order position of this construct instance (e.g. Description) within a set of potentially multiple peer construct instances. If only a single construct instance is present its ordinality can be assumed to be 1. If multiple construct instances are present, the ordinality field should be specified with unique values for each instance.
structuring_format xs:string optional
Used to indicate a particular structuring format (e.g., HTML5) used within an instance of StructuredTextType. Note that if the markup tags used by this format would be interpreted as XML information (such as the bracket-based tags of HTML) the text area should be enclosed in a CDATA section to prevent the markup from interferring with XML validation of the STIX document. If this attribute is absent, the implication is that no markup is being used.
Source
<xs:element name="Short_Description" type="stixCommon:StructuredTextType" minOccurs="0" maxOccurs="unbounded">
  <xs:annotation>
    <xs:documentation>The Short_Description field provides a short, unstructured, text description of this vulnerability.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:VulnerabilityType / et:CVE_ID
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The CVE_ID field specifies a CVE identifier for a particular vulnerability.
Diagram
Diagram
Type restriction of xs:string
Facets
pattern CVE-\d\d\d\d-\d+
Source
<xs:element name="CVE_ID" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The CVE_ID field specifies a CVE identifier for a particular vulnerability.</xs:documentation>
  </xs:annotation>
  <xs:simpleType>
    <xs:restriction base="xs:string">
      <xs:pattern value="CVE-\d\d\d\d-\d+"/>
    </xs:restriction>
  </xs:simpleType>
</xs:element>
Element et:VulnerabilityType / et:OSVDB_ID
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The OSVDB_ID field specifies an OSVDB identifier for a particular vulnerability.
Diagram
Diagram
Type xs:positiveInteger
Source
<xs:element name="OSVDB_ID" type="xs:positiveInteger" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The OSVDB_ID field specifies an OSVDB identifier for a particular vulnerability.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:VulnerabilityType / et:Source
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Source field describes the source of the CVE or OSVDB as a textual description or URL.
Diagram
Diagram
Type xs:string
Source
<xs:element name="Source" type="xs:string" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The Source field describes the source of the CVE or OSVDB as a textual description or URL.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:VulnerabilityType / et:CVSS_Score
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The CVSS_Score field captures the full CVSS v2.0 base, temporal, and environmental vectors in their string format.
Diagram
Diagram exploit_target_xsd.tmp#CVSSVectorType_Overall_Score exploit_target_xsd.tmp#CVSSVectorType_Base_Score exploit_target_xsd.tmp#CVSSVectorType_Base_Vector exploit_target_xsd.tmp#CVSSVectorType_Temporal_Score exploit_target_xsd.tmp#CVSSVectorType_Temporal_Vector exploit_target_xsd.tmp#CVSSVectorType_Environmental_Score exploit_target_xsd.tmp#CVSSVectorType_Environmental_Vector exploit_target_xsd.tmp#CVSSVectorType
Type et:CVSSVectorType
Children et:Base_Score, et:Base_Vector, et:Environmental_Score, et:Environmental_Vector, et:Overall_Score, et:Temporal_Score, et:Temporal_Vector
Source
<xs:element name="CVSS_Score" type="et:CVSSVectorType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The CVSS_Score field captures the full CVSS v2.0 base, temporal, and environmental vectors in their string format.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:CVSSVectorType / et:Overall_Score
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
Captures the overall CVSS 2.0 score. Note that this is not the same as the unadjusted CVSS Base Score, which should be captured in the Base_Score field.
Diagram
Diagram exploit_target_xsd.tmp#CVSSScoreType
Type et:CVSSScoreType
Facets
pattern ((10)|[0-9])\.[0-9]
Source
<xs:element name="Overall_Score" type="et:CVSSScoreType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>Captures the overall CVSS 2.0 score. Note that this is not the same as the unadjusted CVSS Base Score, which should be captured in the Base_Score field.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:CVSSVectorType / et:Base_Score
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
Captures the unadjusted CVSS 2.0 Base score.
Diagram
Diagram exploit_target_xsd.tmp#CVSSScoreType
Type et:CVSSScoreType
Facets
pattern ((10)|[0-9])\.[0-9]
Source
<xs:element name="Base_Score" type="et:CVSSScoreType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>Captures the unadjusted CVSS 2.0 Base score.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:CVSSVectorType / et:Base_Vector
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
Captures the CVSS 2.0 Base Vector per the compressed string format.
Diagram
Diagram exploit_target_xsd.tmp#CVSSBaseVectorType
Type et:CVSSBaseVectorType
Facets
pattern AV:[LAN]/AC:[HML]/Au:[MSN]/C:[NPC]/I:[NPC]/A:[NPC]
Source
<xs:element name="Base_Vector" type="et:CVSSBaseVectorType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>Captures the CVSS 2.0 Base Vector per the compressed string format.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:CVSSVectorType / et:Temporal_Score
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
Captures the unadjusted CVSS 2.0 Temporal score.
Diagram
Diagram exploit_target_xsd.tmp#CVSSScoreType
Type et:CVSSScoreType
Facets
pattern ((10)|[0-9])\.[0-9]
Source
<xs:element name="Temporal_Score" type="et:CVSSScoreType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>Captures the unadjusted CVSS 2.0 Temporal score.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:CVSSVectorType / et:Temporal_Vector
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
Captures the CVSS 2.0 Temporal Vector per the compressed string format.
Diagram
Diagram exploit_target_xsd.tmp#CVSSTemporalVectorType
Type et:CVSSTemporalVectorType
Facets
pattern E:([UFH]|(POC)|(ND))/RL:([WU]|(OF)|(TF)|(ND))/RC:([C]|(UC)|(UR)|(ND))
Source
<xs:element name="Temporal_Vector" type="et:CVSSTemporalVectorType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>Captures the CVSS 2.0 Temporal Vector per the compressed string format.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:CVSSVectorType / et:Environmental_Score
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
Captures the unadjusted CVSS 2.0 Environmental score.
Diagram
Diagram exploit_target_xsd.tmp#CVSSScoreType
Type et:CVSSScoreType
Facets
pattern ((10)|[0-9])\.[0-9]
Source
<xs:element name="Environmental_Score" type="et:CVSSScoreType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>Captures the unadjusted CVSS 2.0 Environmental score.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:CVSSVectorType / et:Environmental_Vector
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
Captures the CVSS 2.0 Environmental Vector in the compressed string format.
Diagram
Diagram exploit_target_xsd.tmp#CVSSEnvironmentalVectorType
Type et:CVSSEnvironmentalVectorType
Facets
pattern CDP:([NLH]|(LM)|(MH)|(ND))/TD:([NLMH]|(ND))/CR:([LMH]|(ND))/IR:([LMH]|(ND))/AR:([LMH]|(ND))
Source
<xs:element name="Environmental_Vector" type="et:CVSSEnvironmentalVectorType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>Captures the CVSS 2.0 Environmental Vector in the compressed string format.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:VulnerabilityType / et:Discovered_DateTime
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The date and time that this vulnerability was first discovered.
Diagram
Diagram stix_common_xsd.tmp#DateTimeWithPrecisionType_precision stix_common_xsd.tmp#DateTimeWithPrecisionType
Type stixCommon:DateTimeWithPrecisionType
Attributes
QName Type Default Use Annotation
precision stixCommon:DateTimePrecisionEnum second optional
The precision of the associated dateTime. If omitted, the default is "second", meaning the full field value (including fractional seconds).
Source
<xs:element name="Discovered_DateTime" type="stixCommon:DateTimeWithPrecisionType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The date and time that this vulnerability was first discovered.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:VulnerabilityType / et:Published_DateTime
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The date and time that this vulnerability was first published.
Diagram
Diagram stix_common_xsd.tmp#DateTimeWithPrecisionType_precision stix_common_xsd.tmp#DateTimeWithPrecisionType
Type stixCommon:DateTimeWithPrecisionType
Attributes
QName Type Default Use Annotation
precision stixCommon:DateTimePrecisionEnum second optional
The precision of the associated dateTime. If omitted, the default is "second", meaning the full field value (including fractional seconds).
Source
<xs:element name="Published_DateTime" type="stixCommon:DateTimeWithPrecisionType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The date and time that this vulnerability was first published.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:VulnerabilityType / et:Affected_Software
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Affected_Software field captures the list of platforms and software that are affected by this vulnerability. It is implemented through the CybOX Observables, the suggested CybOX objects to use are the Product Object, the Device Object, the System Object, and the Code Object.
Diagram
Diagram stix_common_xsd.tmp#GenericRelationshipListType_scope stix_common_xsd.tmp#GenericRelationshipListType exploit_target_xsd.tmp#AffectedSoftwareType_Affected_Software exploit_target_xsd.tmp#AffectedSoftwareType
Type et:AffectedSoftwareType
Type hierarchy
Children et:Affected_Software
Attributes
QName Type Default Use Annotation
scope stixCommon:RelationshipScopeEnum exclusive optional
Indicates how multiple related items should be interpreted in this relationship. If "inclusive" is specified, then a single conceptual relationship is being defined between the subject and the collection of objects indicated by the related items (i.e. the relationship is not necessarily relevant for any one particular object being referenced, but for the aggregated collection of objects referenced). If "exclusive" is specified, then multiple relationships are being defined between the specific subject and each object individually.
Source
<xs:element name="Affected_Software" type="et:AffectedSoftwareType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The Affected_Software field captures the list of platforms and software that are affected by this vulnerability. It is implemented through the CybOX Observables, the suggested CybOX objects to use are the Product Object, the Device Object, the System Object, and the Code Object.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:AffectedSoftwareType / et:Affected_Software
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
Characterizes a single instance of software affected by this vulnerability.
Diagram
Diagram stix_common_xsd.tmp#GenericRelationshipType_Confidence stix_common_xsd.tmp#GenericRelationshipType_Information_Source stix_common_xsd.tmp#GenericRelationshipType_Relationship stix_common_xsd.tmp#GenericRelationshipType stix_common_xsd.tmp#RelatedObservableType_Observable stix_common_xsd.tmp#RelatedObservableType
Type stixCommon:RelatedObservableType
Type hierarchy
Children stixCommon:Confidence, stixCommon:Information_Source, stixCommon:Observable, stixCommon:Relationship
Source
<xs:element name="Affected_Software" type="stixCommon:RelatedObservableType" maxOccurs="unbounded">
  <xs:annotation>
    <xs:documentation>Characterizes a single instance of software affected by this vulnerability.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:VulnerabilityType / et:References
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The References field captures a list of external references describing this vulnerability.
Diagram
Diagram stix_common_xsd.tmp#ReferencesType_Reference stix_common_xsd.tmp#ReferencesType
Type stixCommon:ReferencesType
Children stixCommon:Reference
Source
<xs:element name="References" type="stixCommon:ReferencesType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The References field captures a list of external references describing this vulnerability.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:Exploit_Target
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The ExploitTarget field characterizes potential targets for exploitation. In other words characteristics about targeted victims that may make them vulnerable to attack.
Diagram
Diagram stix_common_xsd.tmp#ExploitTargetBaseType_id stix_common_xsd.tmp#ExploitTargetBaseType_idref stix_common_xsd.tmp#ExploitTargetBaseType_timestamp stix_common_xsd.tmp#ExploitTargetBaseType exploit_target_xsd.tmp#ExploitTargetType_version exploit_target_xsd.tmp#ExploitTargetType_Title exploit_target_xsd.tmp#ExploitTargetType_Description exploit_target_xsd.tmp#ExploitTargetType_Short_Description exploit_target_xsd.tmp#ExploitTargetType_Vulnerability exploit_target_xsd.tmp#ExploitTargetType_Weakness exploit_target_xsd.tmp#ExploitTargetType_Configuration exploit_target_xsd.tmp#ExploitTargetType_Potential_COAs exploit_target_xsd.tmp#ExploitTargetType_Information_Source exploit_target_xsd.tmp#ExploitTargetType_Handling exploit_target_xsd.tmp#ExploitTargetType_Related_Exploit_Targets exploit_target_xsd.tmp#ExploitTargetType_Related_Packages exploit_target_xsd.tmp#ExploitTargetType
Type et:ExploitTargetType
Type hierarchy
Children et:Configuration, et:Description, et:Handling, et:Information_Source, et:Potential_COAs, et:Related_Exploit_Targets, et:Related_Packages, et:Short_Description, et:Title, et:Vulnerability, et:Weakness
Attributes
QName Type Use Annotation
id xs:QName optional
Specifies a globally unique identifier for this ExploitTarget.
idref xs:QName optional
Specifies a globally unique identifier of an ExploitTarget specified elsewhere.
When idref is specified, the id attribute must not be specified, and any instance of this ExploitTarget should not hold content.
timestamp xs:dateTime optional
Specifies a timestamp for the definition of a specific version of an ExploitTarget When used in conjunction with the id, this field is specifying the definition time for the specific version of the  ExploitTarget. When used in conjunction with the idref, this field is specifying a reference to a specific version of an ExploitTarget defined elsewhere. This field has no defined semantic meaning if used in the absence of either the id or idref fields.
version et:ExploitTargetVersionType optional
Specifies the relevant STIX-ExploitTarget schema version for this content.
Source
<xs:element name="Exploit_Target" type="et:ExploitTargetType">
  <xs:annotation>
    <xs:documentation>The ExploitTarget field characterizes potential targets for exploitation. In other words characteristics about targeted victims that may make them vulnerable to attack.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:ExploitTargetType / et:Title
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Title field provides a simple title for this ExploitTarget.
Diagram
Diagram
Type xs:string
Source
<xs:element name="Title" type="xs:string" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The Title field provides a simple title for this ExploitTarget.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:ExploitTargetType / et:Description
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Description field is optional and provides an unstructured, text description of this ExploitTarget.
Diagram
Diagram stix_common_xsd.tmp#StructuredTextType_id stix_common_xsd.tmp#StructuredTextType_ordinality stix_common_xsd.tmp#StructuredTextType_structuring_format stix_common_xsd.tmp#StructuredTextType
Type stixCommon:StructuredTextType
Attributes
QName Type Use Annotation
id xs:QName optional
Specifies a globally unique identifier for this Description.
ordinality xs:positiveInteger optional
Specifies the intended order position of this construct instance (e.g. Description) within a set of potentially multiple peer construct instances. If only a single construct instance is present its ordinality can be assumed to be 1. If multiple construct instances are present, the ordinality field should be specified with unique values for each instance.
structuring_format xs:string optional
Used to indicate a particular structuring format (e.g., HTML5) used within an instance of StructuredTextType. Note that if the markup tags used by this format would be interpreted as XML information (such as the bracket-based tags of HTML) the text area should be enclosed in a CDATA section to prevent the markup from interferring with XML validation of the STIX document. If this attribute is absent, the implication is that no markup is being used.
Source
<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0" maxOccurs="unbounded">
  <xs:annotation>
    <xs:documentation>The Description field is optional and provides an unstructured, text description of this ExploitTarget.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:ExploitTargetType / et:Short_Description
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Short_Description field is optional and provides a short, unstructured, text description of this ExploitTarget.
Diagram
Diagram stix_common_xsd.tmp#StructuredTextType_id stix_common_xsd.tmp#StructuredTextType_ordinality stix_common_xsd.tmp#StructuredTextType_structuring_format stix_common_xsd.tmp#StructuredTextType
Type stixCommon:StructuredTextType
Attributes
QName Type Use Annotation
id xs:QName optional
Specifies a globally unique identifier for this Description.
ordinality xs:positiveInteger optional
Specifies the intended order position of this construct instance (e.g. Description) within a set of potentially multiple peer construct instances. If only a single construct instance is present its ordinality can be assumed to be 1. If multiple construct instances are present, the ordinality field should be specified with unique values for each instance.
structuring_format xs:string optional
Used to indicate a particular structuring format (e.g., HTML5) used within an instance of StructuredTextType. Note that if the markup tags used by this format would be interpreted as XML information (such as the bracket-based tags of HTML) the text area should be enclosed in a CDATA section to prevent the markup from interferring with XML validation of the STIX document. If this attribute is absent, the implication is that no markup is being used.
Source
<xs:element name="Short_Description" type="stixCommon:StructuredTextType" minOccurs="0" maxOccurs="unbounded">
  <xs:annotation>
    <xs:documentation>The Short_Description field is optional and provides a short, unstructured, text description of this ExploitTarget.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:ExploitTargetType / et:Vulnerability
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Vulnerability field identifies and characterizes a Vulnerability as a potential ExploitTarget.
Diagram
Diagram exploit_target_xsd.tmp#VulnerabilityType_is_known exploit_target_xsd.tmp#VulnerabilityType_is_publicly_acknowledged exploit_target_xsd.tmp#VulnerabilityType_Title exploit_target_xsd.tmp#VulnerabilityType_Description exploit_target_xsd.tmp#VulnerabilityType_Short_Description exploit_target_xsd.tmp#VulnerabilityType_CVE_ID exploit_target_xsd.tmp#VulnerabilityType_OSVDB_ID exploit_target_xsd.tmp#VulnerabilityType_Source exploit_target_xsd.tmp#VulnerabilityType_CVSS_Score exploit_target_xsd.tmp#VulnerabilityType_Discovered_DateTime exploit_target_xsd.tmp#VulnerabilityType_Published_DateTime exploit_target_xsd.tmp#VulnerabilityType_Affected_Software exploit_target_xsd.tmp#VulnerabilityType_References exploit_target_xsd.tmp#VulnerabilityType
Type et:VulnerabilityType
Children et:Affected_Software, et:CVE_ID, et:CVSS_Score, et:Description, et:Discovered_DateTime, et:OSVDB_ID, et:Published_DateTime, et:References, et:Short_Description, et:Source, et:Title
Attributes
QName Type Use Annotation
is_known xs:boolean optional
The @is_known field captures whether or not the vulnerability is known (i.e. not a 0-day) at the time of characterization.
is_publicly_acknowledged xs:boolean optional
The @is_publicly_acknowledged field captures whether or not the vulnerability is publicly acknowledged by the vendor.
Source
<xs:element name="Vulnerability" type="et:VulnerabilityType" minOccurs="0" maxOccurs="unbounded">
  <xs:annotation>
    <xs:documentation>The Vulnerability field identifies and characterizes a Vulnerability as a potential ExploitTarget.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:ExploitTargetType / et:Weakness
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Weakness field identifies and characterizes a Weakness as a potential ExploitTarget.
Diagram
Diagram exploit_target_xsd.tmp#WeaknessType_Description exploit_target_xsd.tmp#WeaknessType_CWE_ID exploit_target_xsd.tmp#WeaknessType
Type et:WeaknessType
Children et:CWE_ID, et:Description
Source
<xs:element name="Weakness" type="et:WeaknessType" minOccurs="0" maxOccurs="unbounded">
  <xs:annotation>
    <xs:documentation>The Weakness field identifies and characterizes a Weakness as a potential ExploitTarget.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:WeaknessType / et:Description
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Description field is optional and provides an unstructured, text description of this Weakness.
Diagram
Diagram stix_common_xsd.tmp#StructuredTextType_id stix_common_xsd.tmp#StructuredTextType_ordinality stix_common_xsd.tmp#StructuredTextType_structuring_format stix_common_xsd.tmp#StructuredTextType
Type stixCommon:StructuredTextType
Attributes
QName Type Use Annotation
id xs:QName optional
Specifies a globally unique identifier for this Description.
ordinality xs:positiveInteger optional
Specifies the intended order position of this construct instance (e.g. Description) within a set of potentially multiple peer construct instances. If only a single construct instance is present its ordinality can be assumed to be 1. If multiple construct instances are present, the ordinality field should be specified with unique values for each instance.
structuring_format xs:string optional
Used to indicate a particular structuring format (e.g., HTML5) used within an instance of StructuredTextType. Note that if the markup tags used by this format would be interpreted as XML information (such as the bracket-based tags of HTML) the text area should be enclosed in a CDATA section to prevent the markup from interferring with XML validation of the STIX document. If this attribute is absent, the implication is that no markup is being used.
Source
<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0" maxOccurs="unbounded">
  <xs:annotation>
    <xs:documentation>The Description field is optional and provides an unstructured, text description of this Weakness.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:WeaknessType / et:CWE_ID
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The CWE_ID element is optional and specifies a CWE identifier for a particular weakness.
Diagram
Diagram
Type restriction of xs:string
Facets
pattern CWE-\d+
Source
<xs:element name="CWE_ID" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The CWE_ID element is optional and specifies a CWE identifier for a particular weakness.</xs:documentation>
  </xs:annotation>
  <xs:simpleType>
    <xs:restriction base="xs:string">
      <xs:pattern value="CWE-\d+"/>
    </xs:restriction>
  </xs:simpleType>
</xs:element>
Element et:ExploitTargetType / et:Configuration
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Configuration field identifies and characterizes a Configuration as a potential ExploitTarget.
Diagram
Diagram exploit_target_xsd.tmp#ConfigurationType_Description exploit_target_xsd.tmp#ConfigurationType_Short_Description exploit_target_xsd.tmp#ConfigurationType_CCE_ID exploit_target_xsd.tmp#ConfigurationType
Type et:ConfigurationType
Children et:CCE_ID, et:Description, et:Short_Description
Source
<xs:element name="Configuration" type="et:ConfigurationType" minOccurs="0" maxOccurs="unbounded">
  <xs:annotation>
    <xs:documentation>The Configuration field identifies and characterizes a Configuration as a potential ExploitTarget.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:ConfigurationType / et:Description
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Description field is optional and provides an unstructured, text description of this Configuration.
Diagram
Diagram stix_common_xsd.tmp#StructuredTextType_id stix_common_xsd.tmp#StructuredTextType_ordinality stix_common_xsd.tmp#StructuredTextType_structuring_format stix_common_xsd.tmp#StructuredTextType
Type stixCommon:StructuredTextType
Attributes
QName Type Use Annotation
id xs:QName optional
Specifies a globally unique identifier for this Description.
ordinality xs:positiveInteger optional
Specifies the intended order position of this construct instance (e.g. Description) within a set of potentially multiple peer construct instances. If only a single construct instance is present its ordinality can be assumed to be 1. If multiple construct instances are present, the ordinality field should be specified with unique values for each instance.
structuring_format xs:string optional
Used to indicate a particular structuring format (e.g., HTML5) used within an instance of StructuredTextType. Note that if the markup tags used by this format would be interpreted as XML information (such as the bracket-based tags of HTML) the text area should be enclosed in a CDATA section to prevent the markup from interferring with XML validation of the STIX document. If this attribute is absent, the implication is that no markup is being used.
Source
<xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0" maxOccurs="unbounded">
  <xs:annotation>
    <xs:documentation>The Description field is optional and provides an unstructured, text description of this Configuration.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:ConfigurationType / et:Short_Description
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Short_Description field is optional and provides a short, unstructured, text description of this Configuration.
Diagram
Diagram stix_common_xsd.tmp#StructuredTextType_id stix_common_xsd.tmp#StructuredTextType_ordinality stix_common_xsd.tmp#StructuredTextType_structuring_format stix_common_xsd.tmp#StructuredTextType
Type stixCommon:StructuredTextType
Attributes
QName Type Use Annotation
id xs:QName optional
Specifies a globally unique identifier for this Description.
ordinality xs:positiveInteger optional
Specifies the intended order position of this construct instance (e.g. Description) within a set of potentially multiple peer construct instances. If only a single construct instance is present its ordinality can be assumed to be 1. If multiple construct instances are present, the ordinality field should be specified with unique values for each instance.
structuring_format xs:string optional
Used to indicate a particular structuring format (e.g., HTML5) used within an instance of StructuredTextType. Note that if the markup tags used by this format would be interpreted as XML information (such as the bracket-based tags of HTML) the text area should be enclosed in a CDATA section to prevent the markup from interferring with XML validation of the STIX document. If this attribute is absent, the implication is that no markup is being used.
Source
<xs:element name="Short_Description" type="stixCommon:StructuredTextType" minOccurs="0" maxOccurs="unbounded">
  <xs:annotation>
    <xs:documentation>The Short_Description field is optional and provides a short, unstructured, text description of this Configuration.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:ConfigurationType / et:CCE_ID
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The CCE_ID field is optional and specifies a CCE identifier for a particular configuration item.
Diagram
Diagram
Type restriction of xs:string
Facets
pattern CCE-\d+-\d
Source
<xs:element name="CCE_ID" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The CCE_ID field is optional and specifies a CCE identifier for a particular configuration item.</xs:documentation>
  </xs:annotation>
  <xs:simpleType>
    <xs:restriction base="xs:string">
      <xs:pattern value="CCE-\d+-\d"/>
    </xs:restriction>
  </xs:simpleType>
</xs:element>
Element et:ExploitTargetType / et:Potential_COAs
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Potential_COAs field specifies potential Courses of Action for this ExploitTarget.
Diagram
Diagram stix_common_xsd.tmp#GenericRelationshipListType_scope stix_common_xsd.tmp#GenericRelationshipListType exploit_target_xsd.tmp#PotentialCOAsType_Potential_COA exploit_target_xsd.tmp#PotentialCOAsType
Type et:PotentialCOAsType
Type hierarchy
Children et:Potential_COA
Attributes
QName Type Default Use Annotation
scope stixCommon:RelationshipScopeEnum exclusive optional
Indicates how multiple related items should be interpreted in this relationship. If "inclusive" is specified, then a single conceptual relationship is being defined between the subject and the collection of objects indicated by the related items (i.e. the relationship is not necessarily relevant for any one particular object being referenced, but for the aggregated collection of objects referenced). If "exclusive" is specified, then multiple relationships are being defined between the specific subject and each object individually.
Source
<xs:element name="Potential_COAs" type="et:PotentialCOAsType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The Potential_COAs field specifies potential Courses of Action for this ExploitTarget.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:PotentialCOAsType / et:Potential_COA
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Potential_COA field specifies a potential Course of Action for this ExploitTarget.
Diagram
Diagram stix_common_xsd.tmp#GenericRelationshipType_Confidence stix_common_xsd.tmp#GenericRelationshipType_Information_Source stix_common_xsd.tmp#GenericRelationshipType_Relationship stix_common_xsd.tmp#GenericRelationshipType stix_common_xsd.tmp#RelatedCourseOfActionType_Course_Of_Action stix_common_xsd.tmp#RelatedCourseOfActionType
Type stixCommon:RelatedCourseOfActionType
Type hierarchy
Children stixCommon:Confidence, stixCommon:Course_Of_Action, stixCommon:Information_Source, stixCommon:Relationship
Source
<xs:element name="Potential_COA" type="stixCommon:RelatedCourseOfActionType" maxOccurs="unbounded">
  <xs:annotation>
    <xs:documentation>The Potential_COA field specifies a potential Course of Action for this ExploitTarget.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:ExploitTargetType / et:Information_Source
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Information_Source field details the source of this entry.
Diagram
Diagram stix_common_xsd.tmp#InformationSourceType_Description stix_common_xsd.tmp#InformationSourceType_Identity stix_common_xsd.tmp#InformationSourceType_Role stix_common_xsd.tmp#InformationSourceType_Contributing_Sources stix_common_xsd.tmp#InformationSourceType_Time stix_common_xsd.tmp#InformationSourceType_Tools stix_common_xsd.tmp#InformationSourceType_References stix_common_xsd.tmp#InformationSourceType
Type stixCommon:InformationSourceType
Children stixCommon:Contributing_Sources, stixCommon:Description, stixCommon:Identity, stixCommon:References, stixCommon:Role, stixCommon:Time, stixCommon:Tools
Source
<xs:element name="Information_Source" type="stixCommon:InformationSourceType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The Information_Source field details the source of this entry.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:ExploitTargetType / et:Handling
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
The Handling field specifies the appropriate data handling markings for the elements of this Exploit Target. The valid marking scope is the nearest ExploitTargetBaseType ancestor of this Handling element and all its descendants.
Diagram
Diagram data_marking_xsd.tmp#MarkingType_Marking data_marking_xsd.tmp#MarkingType
Type marking:MarkingType
Children marking:Marking
Source
<xs:element name="Handling" type="marking:MarkingType" minOccurs="0">
  <xs:annotation>
    <xs:documentation>The Handling field specifies the appropriate data handling markings for the elements of this Exploit Target. The valid marking scope is the nearest ExploitTargetBaseType ancestor of this Handling element and all its descendants.</xs:documentation>
  </xs:annotation>
</xs:element>
Element et:ExploitTargetType / et:Related_Exploit_Targets
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
Diagram
Type et:RelatedExploitTargetsType
Type hierarchy
Children et:Related_Exploit_Target
Attributes
Source
Element et:RelatedExploitTargetsType / et:Related_Exploit_Target
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
Diagram
Type stixCommon:RelatedExploitTargetType
Type hierarchy
Children stixCommon:Confidence, stixCommon:Exploit_Target, stixCommon:Information_Source, stixCommon:Relationship
Source
Element et:ExploitTargetType / et:Related_Packages
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
Diagram
Type stixCommon:RelatedPackageRefsType
Children stixCommon:Package_Reference
Source
Complex Type et:VulnerabilityType
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
Characterizes an individual vulnerability.
In addition to capturing basic information and references to vulnerability registries, this type is intended to be extended to enable the structured description of a vulnerability by using the XML Schema extension feature. The STIX default extension uses the Common Vulnerability Reporting Format (CVRF) schema to do so. The extension that defines this is captured in the CVRF1.1InstanceType in the http://stix.mitre.org/extensions/Vulnerability#CVRF1.1-1 namespace. This type is defined in the extensions/vulnerability/cvrf_1.1_vulnerability.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/vulnerability/cvrf_1.1/1.2/cvrf_1.1_vulnerability.xsd.
Diagram
Diagram exploit_target_xsd.tmp#VulnerabilityType_is_known exploit_target_xsd.tmp#VulnerabilityType_is_publicly_acknowledged exploit_target_xsd.tmp#VulnerabilityType_Title exploit_target_xsd.tmp#VulnerabilityType_Description exploit_target_xsd.tmp#VulnerabilityType_Short_Description exploit_target_xsd.tmp#VulnerabilityType_CVE_ID exploit_target_xsd.tmp#VulnerabilityType_OSVDB_ID exploit_target_xsd.tmp#VulnerabilityType_Source exploit_target_xsd.tmp#VulnerabilityType_CVSS_Score exploit_target_xsd.tmp#VulnerabilityType_Discovered_DateTime exploit_target_xsd.tmp#VulnerabilityType_Published_DateTime exploit_target_xsd.tmp#VulnerabilityType_Affected_Software exploit_target_xsd.tmp#VulnerabilityType_References
Used by
Children et:Affected_Software, et:CVE_ID, et:CVSS_Score, et:Description, et:Discovered_DateTime, et:OSVDB_ID, et:Published_DateTime, et:References, et:Short_Description, et:Source, et:Title
Attributes
QName Type Use Annotation
is_known xs:boolean optional
The @is_known field captures whether or not the vulnerability is known (i.e. not a 0-day) at the time of characterization.
is_publicly_acknowledged xs:boolean optional
The @is_publicly_acknowledged field captures whether or not the vulnerability is publicly acknowledged by the vendor.
Source
<xs:complexType name="VulnerabilityType">
  <xs:annotation>
    <xs:documentation>Characterizes an individual vulnerability.</xs:documentation>
    <xs:documentation>In addition to capturing basic information and references to vulnerability registries, this type is intended to be extended to enable the structured description of a vulnerability by using the XML Schema extension feature. The STIX default extension uses the Common Vulnerability Reporting Format (CVRF) schema to do so. The extension that defines this is captured in the CVRF1.1InstanceType in the http://stix.mitre.org/extensions/Vulnerability#CVRF1.1-1 namespace. This type is defined in the extensions/vulnerability/cvrf_1.1_vulnerability.xsd file or at the URL http://stix.mitre.org/XMLSchema/extensions/vulnerability/cvrf_1.1/1.2/cvrf_1.1_vulnerability.xsd.</xs:documentation>
  </xs:annotation>
  <xs:sequence>
    <xs:element name="Title" type="xs:string" minOccurs="0">
      <xs:annotation>
        <xs:documentation>The Title field provides a simple title for this vulnerability.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0" maxOccurs="unbounded">
      <xs:annotation>
        <xs:documentation>The Description field provides an unstructured, text description of this vulnerability.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="Short_Description" type="stixCommon:StructuredTextType" minOccurs="0" maxOccurs="unbounded">
      <xs:annotation>
        <xs:documentation>The Short_Description field provides a short, unstructured, text description of this vulnerability.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="CVE_ID" minOccurs="0">
      <xs:annotation>
        <xs:documentation>The CVE_ID field specifies a CVE identifier for a particular vulnerability.</xs:documentation>
      </xs:annotation>
      <xs:simpleType>
        <xs:restriction base="xs:string">
          <xs:pattern value="CVE-\d\d\d\d-\d+"/>
        </xs:restriction>
      </xs:simpleType>
    </xs:element>
    <xs:element name="OSVDB_ID" type="xs:positiveInteger" minOccurs="0">
      <xs:annotation>
        <xs:documentation>The OSVDB_ID field specifies an OSVDB identifier for a particular vulnerability.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="Source" type="xs:string" minOccurs="0">
      <xs:annotation>
        <xs:documentation>The Source field describes the source of the CVE or OSVDB as a textual description or URL.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="CVSS_Score" type="et:CVSSVectorType" minOccurs="0">
      <xs:annotation>
        <xs:documentation>The CVSS_Score field captures the full CVSS v2.0 base, temporal, and environmental vectors in their string format.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="Discovered_DateTime" type="stixCommon:DateTimeWithPrecisionType" minOccurs="0">
      <xs:annotation>
        <xs:documentation>The date and time that this vulnerability was first discovered.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="Published_DateTime" type="stixCommon:DateTimeWithPrecisionType" minOccurs="0">
      <xs:annotation>
        <xs:documentation>The date and time that this vulnerability was first published.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="Affected_Software" type="et:AffectedSoftwareType" minOccurs="0">
      <xs:annotation>
        <xs:documentation>The Affected_Software field captures the list of platforms and software that are affected by this vulnerability. It is implemented through the CybOX Observables, the suggested CybOX objects to use are the Product Object, the Device Object, the System Object, and the Code Object.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="References" type="stixCommon:ReferencesType" minOccurs="0">
      <xs:annotation>
        <xs:documentation>The References field captures a list of external references describing this vulnerability.</xs:documentation>
      </xs:annotation>
    </xs:element>
  </xs:sequence>
  <xs:attribute name="is_known" type="xs:boolean">
    <xs:annotation>
      <xs:documentation>The @is_known field captures whether or not the vulnerability is known (i.e. not a 0-day) at the time of characterization.</xs:documentation>
    </xs:annotation>
  </xs:attribute>
  <xs:attribute name="is_publicly_acknowledged" type="xs:boolean">
    <xs:annotation>
      <xs:documentation>The @is_publicly_acknowledged field captures whether or not the vulnerability is publicly acknowledged by the vendor.</xs:documentation>
    </xs:annotation>
  </xs:attribute>
</xs:complexType>
Complex Type et:CVSSVectorType
Namespace http://stix.mitre.org/ExploitTarget-1
Diagram
Diagram exploit_target_xsd.tmp#CVSSVectorType_Overall_Score exploit_target_xsd.tmp#CVSSVectorType_Base_Score exploit_target_xsd.tmp#CVSSVectorType_Base_Vector exploit_target_xsd.tmp#CVSSVectorType_Temporal_Score exploit_target_xsd.tmp#CVSSVectorType_Temporal_Vector exploit_target_xsd.tmp#CVSSVectorType_Environmental_Score exploit_target_xsd.tmp#CVSSVectorType_Environmental_Vector
Used by
Children et:Base_Score, et:Base_Vector, et:Environmental_Score, et:Environmental_Vector, et:Overall_Score, et:Temporal_Score, et:Temporal_Vector
Source
<xs:complexType name="CVSSVectorType">
  <xs:sequence>
    <xs:element name="Overall_Score" type="et:CVSSScoreType" minOccurs="0">
      <xs:annotation>
        <xs:documentation>Captures the overall CVSS 2.0 score. Note that this is not the same as the unadjusted CVSS Base Score, which should be captured in the Base_Score field.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="Base_Score" type="et:CVSSScoreType" minOccurs="0">
      <xs:annotation>
        <xs:documentation>Captures the unadjusted CVSS 2.0 Base score.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="Base_Vector" type="et:CVSSBaseVectorType" minOccurs="0">
      <xs:annotation>
        <xs:documentation>Captures the CVSS 2.0 Base Vector per the compressed string format.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="Temporal_Score" type="et:CVSSScoreType" minOccurs="0">
      <xs:annotation>
        <xs:documentation>Captures the unadjusted CVSS 2.0 Temporal score.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="Temporal_Vector" type="et:CVSSTemporalVectorType" minOccurs="0">
      <xs:annotation>
        <xs:documentation>Captures the CVSS 2.0 Temporal Vector per the compressed string format.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="Environmental_Score" type="et:CVSSScoreType" minOccurs="0">
      <xs:annotation>
        <xs:documentation>Captures the unadjusted CVSS 2.0 Environmental score.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="Environmental_Vector" type="et:CVSSEnvironmentalVectorType" minOccurs="0">
      <xs:annotation>
        <xs:documentation>Captures the CVSS 2.0 Environmental Vector in the compressed string format.</xs:documentation>
      </xs:annotation>
    </xs:element>
  </xs:sequence>
</xs:complexType>
Simple Type et:CVSSScoreType
Namespace http://stix.mitre.org/ExploitTarget-1
Diagram
Diagram
Type restriction of xs:string
Facets
pattern ((10)|[0-9])\.[0-9]
Used by
Source
<xs:simpleType name="CVSSScoreType">
  <xs:restriction base="xs:string">
    <xs:pattern value="((10)|[0-9])\.[0-9]"/>
  </xs:restriction>
</xs:simpleType>
Simple Type et:CVSSBaseVectorType
Namespace http://stix.mitre.org/ExploitTarget-1
Diagram
Diagram
Type restriction of xs:string
Facets
pattern AV:[LAN]/AC:[HML]/Au:[MSN]/C:[NPC]/I:[NPC]/A:[NPC]
Used by
Source
<xs:simpleType name="CVSSBaseVectorType">
  <xs:restriction base="xs:string">
    <xs:pattern value="AV:[LAN]/AC:[HML]/Au:[MSN]/C:[NPC]/I:[NPC]/A:[NPC]"/>
  </xs:restriction>
</xs:simpleType>
Simple Type et:CVSSTemporalVectorType
Namespace http://stix.mitre.org/ExploitTarget-1
Diagram
Diagram
Type restriction of xs:string
Facets
pattern E:([UFH]|(POC)|(ND))/RL:([WU]|(OF)|(TF)|(ND))/RC:([C]|(UC)|(UR)|(ND))
Used by
Source
<xs:simpleType name="CVSSTemporalVectorType">
  <xs:restriction base="xs:string">
    <xs:pattern value="E:([UFH]|(POC)|(ND))/RL:([WU]|(OF)|(TF)|(ND))/RC:([C]|(UC)|(UR)|(ND))"/>
  </xs:restriction>
</xs:simpleType>
Simple Type et:CVSSEnvironmentalVectorType
Namespace http://stix.mitre.org/ExploitTarget-1
Diagram
Diagram
Type restriction of xs:string
Facets
pattern CDP:([NLH]|(LM)|(MH)|(ND))/TD:([NLMH]|(ND))/CR:([LMH]|(ND))/IR:([LMH]|(ND))/AR:([LMH]|(ND))
Used by
Source
<xs:simpleType name="CVSSEnvironmentalVectorType">
  <xs:restriction base="xs:string">
    <xs:pattern value="CDP:([NLH]|(LM)|(MH)|(ND))/TD:([NLMH]|(ND))/CR:([LMH]|(ND))/IR:([LMH]|(ND))/AR:([LMH]|(ND))"/>
  </xs:restriction>
</xs:simpleType>
Complex Type et:AffectedSoftwareType
Namespace http://stix.mitre.org/ExploitTarget-1
Diagram
Diagram stix_common_xsd.tmp#GenericRelationshipListType_scope stix_common_xsd.tmp#GenericRelationshipListType exploit_target_xsd.tmp#AffectedSoftwareType_Affected_Software
Type extension of stixCommon:GenericRelationshipListType
Type hierarchy
Used by
Children et:Affected_Software
Attributes
QName Type Default Use Annotation
scope stixCommon:RelationshipScopeEnum exclusive optional
Indicates how multiple related items should be interpreted in this relationship. If "inclusive" is specified, then a single conceptual relationship is being defined between the subject and the collection of objects indicated by the related items (i.e. the relationship is not necessarily relevant for any one particular object being referenced, but for the aggregated collection of objects referenced). If "exclusive" is specified, then multiple relationships are being defined between the specific subject and each object individually.
Source
<xs:complexType name="AffectedSoftwareType">
  <xs:complexContent>
    <xs:extension base="stixCommon:GenericRelationshipListType">
      <xs:sequence>
        <xs:element name="Affected_Software" type="stixCommon:RelatedObservableType" maxOccurs="unbounded">
          <xs:annotation>
            <xs:documentation>Characterizes a single instance of software affected by this vulnerability.</xs:documentation>
          </xs:annotation>
        </xs:element>
      </xs:sequence>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>
Complex Type et:ExploitTargetType
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
Represents a single STIX Exploit Target.
ExploitTargets are vulnerabilities or weaknesses in software, systems, networks or configurations that are targeted for exploitation by the TTP of a ThreatActor. In a structured sense, ExploitTargets consist of vulnerability identifications or characterizations, weakness identifications or characterizations, configuration identifications or characterizations, potential Courses of Action, source of the ExploitTarget information, handling guidance, etc.
Diagram
Diagram stix_common_xsd.tmp#ExploitTargetBaseType_id stix_common_xsd.tmp#ExploitTargetBaseType_idref stix_common_xsd.tmp#ExploitTargetBaseType_timestamp stix_common_xsd.tmp#ExploitTargetBaseType exploit_target_xsd.tmp#ExploitTargetType_version exploit_target_xsd.tmp#ExploitTargetType_Title exploit_target_xsd.tmp#ExploitTargetType_Description exploit_target_xsd.tmp#ExploitTargetType_Short_Description exploit_target_xsd.tmp#ExploitTargetType_Vulnerability exploit_target_xsd.tmp#ExploitTargetType_Weakness exploit_target_xsd.tmp#ExploitTargetType_Configuration exploit_target_xsd.tmp#ExploitTargetType_Potential_COAs exploit_target_xsd.tmp#ExploitTargetType_Information_Source exploit_target_xsd.tmp#ExploitTargetType_Handling exploit_target_xsd.tmp#ExploitTargetType_Related_Exploit_Targets exploit_target_xsd.tmp#ExploitTargetType_Related_Packages
Type extension of stixCommon:ExploitTargetBaseType
Type hierarchy
Used by
Children et:Configuration, et:Description, et:Handling, et:Information_Source, et:Potential_COAs, et:Related_Exploit_Targets, et:Related_Packages, et:Short_Description, et:Title, et:Vulnerability, et:Weakness
Attributes
QName Type Use Annotation
id xs:QName optional
Specifies a globally unique identifier for this ExploitTarget.
idref xs:QName optional
Specifies a globally unique identifier of an ExploitTarget specified elsewhere.
When idref is specified, the id attribute must not be specified, and any instance of this ExploitTarget should not hold content.
timestamp xs:dateTime optional
Specifies a timestamp for the definition of a specific version of an ExploitTarget When used in conjunction with the id, this field is specifying the definition time for the specific version of the  ExploitTarget. When used in conjunction with the idref, this field is specifying a reference to a specific version of an ExploitTarget defined elsewhere. This field has no defined semantic meaning if used in the absence of either the id or idref fields.
version et:ExploitTargetVersionType optional
Specifies the relevant STIX-ExploitTarget schema version for this content.
Source
<xs:complexType name="ExploitTargetType">
  <xs:annotation>
    <xs:documentation>Represents a single STIX Exploit Target.</xs:documentation>
    <xs:documentation>ExploitTargets are vulnerabilities or weaknesses in software, systems, networks or configurations that are targeted for exploitation by the TTP of a ThreatActor. In a structured sense, ExploitTargets consist of vulnerability identifications or characterizations, weakness identifications or characterizations, configuration identifications or characterizations, potential Courses of Action, source of the ExploitTarget information, handling guidance, etc.</xs:documentation>
  </xs:annotation>
  <xs:complexContent>
    <xs:extension base="stixCommon:ExploitTargetBaseType">
      <xs:sequence>
        <xs:element name="Title" type="xs:string" minOccurs="0">
          <xs:annotation>
            <xs:documentation>The Title field provides a simple title for this ExploitTarget.</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0" maxOccurs="unbounded">
          <xs:annotation>
            <xs:documentation>The Description field is optional and provides an unstructured, text description of this ExploitTarget.</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="Short_Description" type="stixCommon:StructuredTextType" minOccurs="0" maxOccurs="unbounded">
          <xs:annotation>
            <xs:documentation>The Short_Description field is optional and provides a short, unstructured, text description of this ExploitTarget.</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="Vulnerability" type="et:VulnerabilityType" minOccurs="0" maxOccurs="unbounded">
          <xs:annotation>
            <xs:documentation>The Vulnerability field identifies and characterizes a Vulnerability as a potential ExploitTarget.</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="Weakness" type="et:WeaknessType" minOccurs="0" maxOccurs="unbounded">
          <xs:annotation>
            <xs:documentation>The Weakness field identifies and characterizes a Weakness as a potential ExploitTarget.</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="Configuration" type="et:ConfigurationType" minOccurs="0" maxOccurs="unbounded">
          <xs:annotation>
            <xs:documentation>The Configuration field identifies and characterizes a Configuration as a potential ExploitTarget.</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="Potential_COAs" type="et:PotentialCOAsType" minOccurs="0">
          <xs:annotation>
            <xs:documentation>The Potential_COAs field specifies potential Courses of Action for this ExploitTarget.</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="Information_Source" type="stixCommon:InformationSourceType" minOccurs="0">
          <xs:annotation>
            <xs:documentation>The Information_Source field details the source of this entry.</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="Handling" type="marking:MarkingType" minOccurs="0">
          <xs:annotation>
            <xs:documentation>The Handling field specifies the appropriate data handling markings for the elements of this Exploit Target. The valid marking scope is the nearest ExploitTargetBaseType ancestor of this Handling element and all its descendants.</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="Related_Exploit_Targets" type="et:RelatedExploitTargetsType" minOccurs="0">
          <xs:annotation>
            <xs:documentation>The Related_Exploit_Targets field specifies one or more exploit targets that are related to this exploit target.</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="Related_Packages" type="stixCommon:RelatedPackageRefsType" minOccurs="0">
          <xs:annotation>
            <xs:documentation>The Related_Packages field identifies or characterizes relationships to set of related Packages.</xs:documentation>
            <xs:documentation>DEPRECATED: This field is deprecated and will be removed in the next major version of STIX. Its use is strongly discouraged except for legacy applications.</xs:documentation>
            <xs:appinfo>
              <deprecated>true</deprecated>
            </xs:appinfo>
          </xs:annotation>
        </xs:element>
      </xs:sequence>
      <xs:attribute name="version" type="et:ExploitTargetVersionType">
        <xs:annotation>
          <xs:documentation>Specifies the relevant STIX-ExploitTarget schema version for this content.</xs:documentation>
        </xs:annotation>
      </xs:attribute>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>
Complex Type et:WeaknessType
Namespace http://stix.mitre.org/ExploitTarget-1
Diagram
Diagram exploit_target_xsd.tmp#WeaknessType_Description exploit_target_xsd.tmp#WeaknessType_CWE_ID
Used by
Children et:CWE_ID, et:Description
Source
<xs:complexType name="WeaknessType">
  <xs:sequence>
    <xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0" maxOccurs="unbounded">
      <xs:annotation>
        <xs:documentation>The Description field is optional and provides an unstructured, text description of this Weakness.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="CWE_ID" minOccurs="0">
      <xs:annotation>
        <xs:documentation>The CWE_ID element is optional and specifies a CWE identifier for a particular weakness.</xs:documentation>
      </xs:annotation>
      <xs:simpleType>
        <xs:restriction base="xs:string">
          <xs:pattern value="CWE-\d+"/>
        </xs:restriction>
      </xs:simpleType>
    </xs:element>
  </xs:sequence>
</xs:complexType>
Complex Type et:ConfigurationType
Namespace http://stix.mitre.org/ExploitTarget-1
Diagram
Diagram exploit_target_xsd.tmp#ConfigurationType_Description exploit_target_xsd.tmp#ConfigurationType_Short_Description exploit_target_xsd.tmp#ConfigurationType_CCE_ID
Used by
Children et:CCE_ID, et:Description, et:Short_Description
Source
<xs:complexType name="ConfigurationType">
  <xs:sequence>
    <xs:element name="Description" type="stixCommon:StructuredTextType" minOccurs="0" maxOccurs="unbounded">
      <xs:annotation>
        <xs:documentation>The Description field is optional and provides an unstructured, text description of this Configuration.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="Short_Description" type="stixCommon:StructuredTextType" minOccurs="0" maxOccurs="unbounded">
      <xs:annotation>
        <xs:documentation>The Short_Description field is optional and provides a short, unstructured, text description of this Configuration.</xs:documentation>
      </xs:annotation>
    </xs:element>
    <xs:element name="CCE_ID" minOccurs="0">
      <xs:annotation>
        <xs:documentation>The CCE_ID field is optional and specifies a CCE identifier for a particular configuration item.</xs:documentation>
      </xs:annotation>
      <xs:simpleType>
        <xs:restriction base="xs:string">
          <xs:pattern value="CCE-\d+-\d"/>
        </xs:restriction>
      </xs:simpleType>
    </xs:element>
  </xs:sequence>
</xs:complexType>
Complex Type et:PotentialCOAsType
Namespace http://stix.mitre.org/ExploitTarget-1
Diagram
Diagram stix_common_xsd.tmp#GenericRelationshipListType_scope stix_common_xsd.tmp#GenericRelationshipListType exploit_target_xsd.tmp#PotentialCOAsType_Potential_COA
Type extension of stixCommon:GenericRelationshipListType
Type hierarchy
Used by
Children et:Potential_COA
Attributes
QName Type Default Use Annotation
scope stixCommon:RelationshipScopeEnum exclusive optional
Indicates how multiple related items should be interpreted in this relationship. If "inclusive" is specified, then a single conceptual relationship is being defined between the subject and the collection of objects indicated by the related items (i.e. the relationship is not necessarily relevant for any one particular object being referenced, but for the aggregated collection of objects referenced). If "exclusive" is specified, then multiple relationships are being defined between the specific subject and each object individually.
Source
<xs:complexType name="PotentialCOAsType">
  <xs:complexContent>
    <xs:extension base="stixCommon:GenericRelationshipListType">
      <xs:sequence>
        <xs:element name="Potential_COA" type="stixCommon:RelatedCourseOfActionType" maxOccurs="unbounded">
          <xs:annotation>
            <xs:documentation>The Potential_COA field specifies a potential Course of Action for this ExploitTarget.</xs:documentation>
          </xs:annotation>
        </xs:element>
      </xs:sequence>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>
Complex Type et:RelatedExploitTargetsType
Namespace http://stix.mitre.org/ExploitTarget-1
Diagram
Diagram stix_common_xsd.tmp#GenericRelationshipListType_scope stix_common_xsd.tmp#GenericRelationshipListType exploit_target_xsd.tmp#RelatedExploitTargetsType_Related_Exploit_Target
Type extension of stixCommon:GenericRelationshipListType
Type hierarchy
Used by
Children et:Related_Exploit_Target
Attributes
QName Type Default Use Annotation
scope stixCommon:RelationshipScopeEnum exclusive optional
Indicates how multiple related items should be interpreted in this relationship. If "inclusive" is specified, then a single conceptual relationship is being defined between the subject and the collection of objects indicated by the related items (i.e. the relationship is not necessarily relevant for any one particular object being referenced, but for the aggregated collection of objects referenced). If "exclusive" is specified, then multiple relationships are being defined between the specific subject and each object individually.
Source
<xs:complexType name="RelatedExploitTargetsType">
  <xs:complexContent>
    <xs:extension base="stixCommon:GenericRelationshipListType">
      <xs:sequence>
        <xs:element name="Related_Exploit_Target" type="stixCommon:RelatedExploitTargetType" maxOccurs="unbounded">
          <xs:annotation>
            <xs:documentation>The Related_Exploit_Target field specifies a single other exploit target related to this exploit target.</xs:documentation>
          </xs:annotation>
        </xs:element>
      </xs:sequence>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>
Simple Type et:ExploitTargetVersionType
Namespace http://stix.mitre.org/ExploitTarget-1
Annotations
An enumeration of all versions of the Exploit Target type valid in the current release of STIX.
Diagram
Diagram
Type restriction of xs:string
Facets
enumeration 1.0
enumeration 1.0.1
enumeration 1.1
enumeration 1.1.1
enumeration 1.2
Used by
Source
<xs:simpleType name="ExploitTargetVersionType">
  <xs:annotation>
    <xs:documentation>An enumeration of all versions of the Exploit Target type valid in the current release of STIX.</xs:documentation>
  </xs:annotation>
  <xs:restriction base="xs:string">
    <xs:enumeration value="1.0"/>
    <xs:enumeration value="1.0.1"/>
    <xs:enumeration value="1.1"/>
    <xs:enumeration value="1.1.1"/>
    <xs:enumeration value="1.2"/>
  </xs:restriction>
</xs:simpleType>
Attribute et:VulnerabilityType / @is_known
Namespace No namespace
Annotations
The @is_known field captures whether or not the vulnerability is known (i.e. not a 0-day) at the time of characterization.
Type xs:boolean
Used by
Complex Type et:VulnerabilityType
Source
<xs:attribute name="is_known" type="xs:boolean">
  <xs:annotation>
    <xs:documentation>The @is_known field captures whether or not the vulnerability is known (i.e. not a 0-day) at the time of characterization.</xs:documentation>
  </xs:annotation>
</xs:attribute>
Attribute et:VulnerabilityType / @is_publicly_acknowledged
Namespace No namespace
Annotations
The @is_publicly_acknowledged field captures whether or not the vulnerability is publicly acknowledged by the vendor.
Type xs:boolean
Used by
Complex Type et:VulnerabilityType
Source
<xs:attribute name="is_publicly_acknowledged" type="xs:boolean">
  <xs:annotation>
    <xs:documentation>The @is_publicly_acknowledged field captures whether or not the vulnerability is publicly acknowledged by the vendor.</xs:documentation>
  </xs:annotation>
</xs:attribute>
Attribute et:ExploitTargetType / @version
Namespace No namespace
Annotations
Specifies the relevant STIX-ExploitTarget schema version for this content.
Type et:ExploitTargetVersionType
Facets
enumeration 1.0
enumeration 1.0.1
enumeration 1.1
enumeration 1.1.1
enumeration 1.2
Used by
Complex Type et:ExploitTargetType
Source
<xs:attribute name="version" type="et:ExploitTargetVersionType">
  <xs:annotation>
    <xs:documentation>Specifies the relevant STIX-ExploitTarget schema version for this content.</xs:documentation>
  </xs:annotation>
</xs:attribute>