Skip to content

Add NCISS decision points #707

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
ahouseholder wants to merge 44 commits into
base: main
Choose a base branch
from
Draft

Add NCISS decision points #707

Show file tree
Hide file tree
Changes from 33 commits
Commits
Show all changes
44 commits
Select commit Hold shift + click to select a range
bbc77ff
refactor a _Valued mixin class
ahouseholder Feb 20, 2025
1cd67e9
add incident severity decision point (+1 squashed commit)
ahouseholder Feb 20, 2025
b349146
add recoverability decision point (+1 squashed commit)
ahouseholder Feb 20, 2025
0e40c2f
add observed activity location
ahouseholder Feb 20, 2025
0fe62b8
add index
ahouseholder Feb 20, 2025
0aa9f93
add recoverability
ahouseholder Feb 20, 2025
b1c44b2
s/cybersecurity/cyber/
ahouseholder Feb 20, 2025
466bf0d
markdownlint
ahouseholder Feb 20, 2025
989c78e
Merge branch 'main' of https://github.com/CERTCC/SSVC into 705-model-…
ahouseholder Feb 20, 2025
703afc1
fix docstrings and comments
ahouseholder Feb 20, 2025
2654bc5
Merge branch 'main' into 705-model-national-cybersecurity-incident-sc…
ahouseholder Feb 21, 2025
ee96d8d
add observed_activity.py
ahouseholder Mar 10, 2025
10b4c4c
add functional_impact.py and information_impact.py
ahouseholder Mar 10, 2025
990a8ca
remove example from value
ahouseholder Mar 10, 2025
3fe850e
add comments with reference links
ahouseholder Mar 10, 2025
7ae9f4e
add functional impact, info impact, observed activity reference docs
ahouseholder Mar 12, 2025
4979c6d
Merge branch 'main' of https://github.com/CERTCC/SSVC into 705-model-…
ahouseholder Mar 12, 2025
ff1661e
fix links
ahouseholder Mar 13, 2025
bb09944
markdownlint --fix
ahouseholder Mar 13, 2025
5c900cf
Merge branch 'feature/reorder-base-class-mixins' into 705-model-natio…
ahouseholder Mar 13, 2025
433d259
move header
ahouseholder Mar 13, 2025
5d4490b
Merge branch 'main' of https://github.com/CERTCC/SSVC into 705-model-…
ahouseholder Mar 18, 2025
6c5389d
Merge branch 'add_namespace_enum' into 705-model-national-cybersecuri…
ahouseholder Mar 18, 2025
fbb93e2
add `nciss` namespace
ahouseholder Mar 18, 2025
d8a436c
Merge branch 'feature/reorder-base-class-mixins' into 705-model-natio…
ahouseholder Mar 18, 2025
e4caa13
add _Valued mixin
ahouseholder Mar 18, 2025
0f983dc
Merge branch 'add_namespace_enum' into 705-model-national-cybersecuri…
ahouseholder Mar 19, 2025
9bc375f
Merge branch 'add_namespace_enum' into 705-model-national-cybersecuri…
ahouseholder Mar 19, 2025
bfa1d05
Merge branch 'add_namespace_enum' into 705-model-national-cybersecuri…
ahouseholder Mar 19, 2025
2d3eefa
Merge branch 'main' into 705-model-national-cybersecurity-incident-sc…
ahouseholder Mar 20, 2025
ea61ee5
Merge branch 'feature/reorder-base-class-mixins' into 705-model-natio…
ahouseholder Mar 20, 2025
5985520
Merge branch 'main' of https://github.com/CERTCC/SSVC into 705-model-…
ahouseholder Mar 27, 2025
d42d61b
update copyright
ahouseholder Mar 27, 2025
0e43c0c
Merge branch 'main' into feature/705-model-national-cybersecurity-inc…
ahouseholder Mar 31, 2025
28e29f0
Merge branch 'main' into 705-model-national-cybersecurity-incident-sc…
ahouseholder Jun 23, 2025
08c04c0
Merge branch 'main' into 705-model-national-cybersecurity-incident-sc…
ahouseholder Aug 7, 2025
534f281
Merge branch 'main' into 705-model-national-cybersecurity-incident-sc…
ahouseholder Aug 7, 2025
3d87594
merge nciss modules into ssvc.decision_points.cisa (+1 squashed commit)
ahouseholder Aug 7, 2025
931515d
Merge branch '705-model-national-cybersecurity-incident-scoring-syste…
ahouseholder Aug 7, 2025
033e60d
Merge branch 'main' into 705-model-national-cybersecurity-incident-sc…
ahouseholder Aug 19, 2025
5513459
Merge branch 'main' of https://github.com/CERTCC/SSVC into 705-model-…
ahouseholder Sep 16, 2025
8972eac
update namespace string
ahouseholder Sep 16, 2025
37e4085
update description -> definition
ahouseholder Sep 16, 2025
b420809
regenerate json
ahouseholder Sep 16, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions data/json/decision_points/automatable_2_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Automatable",
"description": "Can an attacker reliably automate creating exploitation events for this vulnerability?",
"namespace": "ssvc",
"version": "2.0.0",
"schemaVersion": "1-0-1",
"key": "A",
"name": "Automatable",
"description": "Can an attacker reliably automate creating exploitation events for this vulnerability?",
"values": [
{
"key": "N",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/access_complexity_1_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Access Complexity",
"description": "This metric measures the complexity of the attack required to exploit the vulnerability once an attacker has gained access to the target system.",
"namespace": "cvss",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "AC",
"name": "Access Complexity",
"description": "This metric measures the complexity of the attack required to exploit the vulnerability once an attacker has gained access to the target system.",
"values": [
{
"key": "L",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/access_complexity_2_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Access Complexity",
"description": "This metric measures the complexity of the attack required to exploit the vulnerability once an attacker has gained access to the target system.",
"namespace": "cvss",
"version": "2.0.0",
"schemaVersion": "1-0-1",
"key": "AC",
"name": "Access Complexity",
"description": "This metric measures the complexity of the attack required to exploit the vulnerability once an attacker has gained access to the target system.",
"values": [
{
"key": "L",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/access_vector_1_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Access Vector",
"description": "This metric measures whether or not the vulnerability is exploitable locally or remotely.",
"namespace": "cvss",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "AV",
"name": "Access Vector",
"description": "This metric measures whether or not the vulnerability is exploitable locally or remotely.",
"values": [
{
"key": "L",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/access_vector_2_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Access Vector",
"description": "This metric reflects the context by which vulnerability exploitation is possible.",
"namespace": "cvss",
"version": "2.0.0",
"schemaVersion": "1-0-1",
"key": "AV",
"name": "Access Vector",
"description": "This metric reflects the context by which vulnerability exploitation is possible.",
"values": [
{
"key": "L",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/attack_complexity_3_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Attack Complexity",
"description": "This metric describes the conditions beyond the attacker's control that must exist in order to exploit the vulnerability.",
"namespace": "cvss",
"version": "3.0.0",
"schemaVersion": "1-0-1",
"key": "AC",
"name": "Attack Complexity",
"description": "This metric describes the conditions beyond the attacker's control that must exist in order to exploit the vulnerability.",
"values": [
{
"key": "L",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/attack_complexity_3_0_1.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Attack Complexity",
"description": "This metric captures measurable actions that must be taken by the attacker to actively evade or circumvent existing built-in security-enhancing conditions in order to obtain a working exploit. ",
"namespace": "cvss",
"version": "3.0.1",
"schemaVersion": "1-0-1",
"key": "AC",
"name": "Attack Complexity",
"description": "This metric captures measurable actions that must be taken by the attacker to actively evade or circumvent existing built-in security-enhancing conditions in order to obtain a working exploit. ",
"values": [
{
"key": "L",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/attack_requirements_1_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Attack Requirements",
"description": "This metric captures the prerequisite deployment and execution conditions or variables of the vulnerable system that enable the attack.",
"namespace": "cvss",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "AT",
"name": "Attack Requirements",
"description": "This metric captures the prerequisite deployment and execution conditions or variables of the vulnerable system that enable the attack.",
"values": [
{
"key": "N",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/attack_vector_3_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Attack Vector",
"description": "This metric reflects the context by which vulnerability exploitation is possible. ",
"namespace": "cvss",
"version": "3.0.0",
"schemaVersion": "1-0-1",
"key": "AV",
"name": "Attack Vector",
"description": "This metric reflects the context by which vulnerability exploitation is possible. ",
"values": [
{
"key": "P",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/attack_vector_3_0_1.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Attack Vector",
"description": "This metric reflects the context by which vulnerability exploitation is possible. This metric value (and consequently the resulting severity) will be larger the more remote (logically, and physically) an attacker can be in order to exploit the vulnerable system. The assumption is that the number of potential attackers for a vulnerability that could be exploited from across a network is larger than the number of potential attackers that could exploit a vulnerability requiring physical access to a device, and therefore warrants a greater severity.",
"namespace": "cvss",
"version": "3.0.1",
"schemaVersion": "1-0-1",
"key": "AV",
"name": "Attack Vector",
"description": "This metric reflects the context by which vulnerability exploitation is possible. This metric value (and consequently the resulting severity) will be larger the more remote (logically, and physically) an attacker can be in order to exploit the vulnerable system. The assumption is that the number of potential attackers for a vulnerability that could be exploited from across a network is larger than the number of potential attackers that could exploit a vulnerability requiring physical access to a device, and therefore warrants a greater severity.",
"values": [
{
"key": "P",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/authentication_1_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Authentication",
"description": "This metric measures whether or not an attacker needs to be authenticated to the target system in order to exploit the vulnerability.",
"namespace": "cvss",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "Au",
"name": "Authentication",
"description": "This metric measures whether or not an attacker needs to be authenticated to the target system in order to exploit the vulnerability.",
"values": [
{
"key": "N",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/authentication_2_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Authentication",
"description": "This metric measures the number of times an attacker must authenticate to a target in order to exploit a vulnerability. This metric does not gauge the strength or complexity of the authentication process, only that an attacker is required to provide credentials before an exploit may occur. The possible values for this metric are listed in Table 3. The fewer authentication instances that are required, the higher the vulnerability score.",
"namespace": "cvss",
"version": "2.0.0",
"schemaVersion": "1-0-1",
"key": "Au",
"name": "Authentication",
"description": "This metric measures the number of times an attacker must authenticate to a target in order to exploit a vulnerability. This metric does not gauge the strength or complexity of the authentication process, only that an attacker is required to provide credentials before an exploit may occur. The possible values for this metric are listed in Table 3. The fewer authentication instances that are required, the higher the vulnerability score.",
"values": [
{
"key": "M",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/automatable_1_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Automatable",
"description": "The \"Automatable\" metric captures the answer to the question \"Can an attacker automate exploitation events for this vulnerability across multiple targets?\" based on steps 1-4 of the kill chain.",
"namespace": "cvss",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "AU",
"name": "Automatable",
"description": "The \"Automatable\" metric captures the answer to the question \"Can an attacker automate exploitation events for this vulnerability across multiple targets?\" based on steps 1-4 of the kill chain.",
"values": [
{
"key": "N",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/availability_impact_1_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Availability Impact",
"description": "This metric measures the impact on availability a successful exploit of the vulnerability will have on the target system.",
"namespace": "cvss",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "A",
"name": "Availability Impact",
"description": "This metric measures the impact on availability a successful exploit of the vulnerability will have on the target system.",
"values": [
{
"key": "N",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/availability_impact_2_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Availability Impact",
"description": "This metric measures the impact to availability of a successfully exploited vulnerability.",
"namespace": "cvss",
"version": "2.0.0",
"schemaVersion": "1-0-1",
"key": "A",
"name": "Availability Impact",
"description": "This metric measures the impact to availability of a successfully exploited vulnerability.",
"values": [
{
"key": "N",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/availability_impact_to_the_subsequent_system_1_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Availability Impact to the Subsequent System",
"description": "This metric measures the impact on availability a successful exploit of the vulnerability will have on the Subsequent System.",
"namespace": "cvss",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "SA",
"name": "Availability Impact to the Subsequent System",
"description": "This metric measures the impact on availability a successful exploit of the vulnerability will have on the Subsequent System.",
"values": [
{
"key": "N",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/availability_impact_to_the_vulnerable_system_3_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Availability Impact to the Vulnerable System",
"description": "This metric measures the impact to the availability of the impacted system resulting from a successfully exploited vulnerability.",
"namespace": "cvss",
"version": "3.0.0",
"schemaVersion": "1-0-1",
"key": "VA",
"name": "Availability Impact to the Vulnerable System",
"description": "This metric measures the impact to the availability of the impacted system resulting from a successfully exploited vulnerability.",
"values": [
{
"key": "N",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/availability_requirement_1_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Availability Requirement",
"description": "This metric measures the impact to the availability of a successfully exploited vulnerability.",
"namespace": "cvss",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "AR",
"name": "Availability Requirement",
"description": "This metric measures the impact to the availability of a successfully exploited vulnerability.",
"values": [
{
"key": "L",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/availability_requirement_1_1_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Availability Requirement",
"description": "This metric measures the impact to the availability of a successfully exploited vulnerability.",
"namespace": "cvss",
"version": "1.1.0",
"schemaVersion": "1-0-1",
"key": "AR",
"name": "Availability Requirement",
"description": "This metric measures the impact to the availability of a successfully exploited vulnerability.",
"values": [
{
"key": "L",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/availability_requirement_1_1_1.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Availability Requirement",
"description": "This metric enables the consumer to customize the assessment depending on the importance of the affected IT asset to the analyst’s organization, measured in terms of Availability.",
"namespace": "cvss",
"version": "1.1.1",
"schemaVersion": "1-0-1",
"key": "AR",
"name": "Availability Requirement",
"description": "This metric enables the consumer to customize the assessment depending on the importance of the affected IT asset to the analyst’s organization, measured in terms of Availability.",
"values": [
{
"key": "L",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/collateral_damage_potential_1_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Collateral Damage Potential",
"description": "This metric measures the potential for a loss in physical equipment, property damage or loss of life or limb.",
"namespace": "cvss",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "CDP",
"name": "Collateral Damage Potential",
"description": "This metric measures the potential for a loss in physical equipment, property damage or loss of life or limb.",
"values": [
{
"key": "N",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/collateral_damage_potential_2_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Collateral Damage Potential",
"description": "This metric measures the potential for loss of life or physical assets.",
"namespace": "cvss",
"version": "2.0.0",
"schemaVersion": "1-0-1",
"key": "CDP",
"name": "Collateral Damage Potential",
"description": "This metric measures the potential for loss of life or physical assets.",
"values": [
{
"key": "N",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/confidentiality_impact_1_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Confidentiality Impact",
"description": "This metric measures the impact on confidentiality of a successful exploit of the vulnerability on the target system.",
"namespace": "cvss",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "C",
"name": "Confidentiality Impact",
"description": "This metric measures the impact on confidentiality of a successful exploit of the vulnerability on the target system.",
"values": [
{
"key": "N",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/confidentiality_impact_2_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Confidentiality Impact",
"description": "This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability.",
"namespace": "cvss",
"version": "2.0.0",
"schemaVersion": "1-0-1",
"key": "C",
"name": "Confidentiality Impact",
"description": "This metric measures the impact to the confidentiality of the information resources managed by a software component due to a successfully exploited vulnerability.",
"values": [
{
"key": "N",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/confidentiality_impact_to_the_subsequent_system_1_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Confidentiality Impact to the Subsequent System",
"description": "This metric measures the impact to the confidentiality of the information managed by the system due to a successfully exploited vulnerability. Confidentiality refers to limiting information access and disclosure to only authorized users, as well as preventing access by, or disclosure to, unauthorized ones. The resulting score is greatest when the loss to the system is highest.",
"namespace": "cvss",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "SC",
"name": "Confidentiality Impact to the Subsequent System",
"description": "This metric measures the impact to the confidentiality of the information managed by the system due to a successfully exploited vulnerability. Confidentiality refers to limiting information access and disclosure to only authorized users, as well as preventing access by, or disclosure to, unauthorized ones. The resulting score is greatest when the loss to the system is highest.",
"values": [
{
"key": "N",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/confidentiality_impact_to_the_vulnerable_system_3_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Confidentiality Impact to the Vulnerable System",
"description": "This metric measures the impact to the confidentiality of the information managed by the system due to a successfully exploited vulnerability. Confidentiality refers to limiting information access and disclosure to only authorized users, as well as preventing access by, or disclosure to, unauthorized ones.",
"namespace": "cvss",
"version": "3.0.0",
"schemaVersion": "1-0-1",
"key": "VC",
"name": "Confidentiality Impact to the Vulnerable System",
"description": "This metric measures the impact to the confidentiality of the information managed by the system due to a successfully exploited vulnerability. Confidentiality refers to limiting information access and disclosure to only authorized users, as well as preventing access by, or disclosure to, unauthorized ones.",
"values": [
{
"key": "N",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/confidentiality_requirement_1_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Confidentiality Requirement",
"description": "This metric measures the impact to the confidentiality of a successfully exploited vulnerability.",
"namespace": "cvss",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "CR",
"name": "Confidentiality Requirement",
"description": "This metric measures the impact to the confidentiality of a successfully exploited vulnerability.",
"values": [
{
"key": "L",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/confidentiality_requirement_1_1_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Confidentiality Requirement",
"description": "This metric measures the impact to the confidentiality of a successfully exploited vulnerability.",
"namespace": "cvss",
"version": "1.1.0",
"schemaVersion": "1-0-1",
"key": "CR",
"name": "Confidentiality Requirement",
"description": "This metric measures the impact to the confidentiality of a successfully exploited vulnerability.",
"values": [
{
"key": "L",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/confidentiality_requirement_1_1_1.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Confidentiality Requirement",
"description": "This metric enables the consumer to customize the assessment depending on the importance of the affected IT asset to the analyst’s organization, measured in terms of Confidentiality.",
"namespace": "cvss",
"version": "1.1.1",
"schemaVersion": "1-0-1",
"key": "CR",
"name": "Confidentiality Requirement",
"description": "This metric enables the consumer to customize the assessment depending on the importance of the affected IT asset to the analyst’s organization, measured in terms of Confidentiality.",
"values": [
{
"key": "L",
Expand Down
4 changes: 2 additions & 2 deletions data/json/decision_points/cvss/equivalence_set_1_1_0_0.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "Equivalence Set 1",
"description": "AV/PR/UI with 3 levels specified in Table 24",
"namespace": "cvss",
"version": "1.0.0",
"schemaVersion": "1-0-1",
"key": "EQ1",
"name": "Equivalence Set 1",
"description": "AV/PR/UI with 3 levels specified in Table 24",
"values": [
{
"key": "L",
Expand Down
Loading