diff --git a/mappings/cvss_v3/cvss_v3.json b/mappings/cvss_v3/cvss_v3.json
index 492dfb3..d016e90 100644
--- a/mappings/cvss_v3/cvss_v3.json
+++ b/mappings/cvss_v3/cvss_v3.json
@@ -1039,6 +1039,23 @@
 }
 ]
 },
+ {
+ "id": "exposed_portal",
+ "children": [
+ {
+ "id": "protected",
+ "cvss_v3": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N"
+ },
+ {
+ "id": "admin_portal",
+ "cvss_v3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "id": "non_admin_portal",
+ "cvss_v3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ]
+ },
 {
 "id": "clickjacking",
 "children": [
diff --git a/mappings/remediation_advice/remediation_advice.json b/mappings/remediation_advice/remediation_advice.json
index 24ba0d5..b96a887 100644
--- a/mappings/remediation_advice/remediation_advice.json
+++ b/mappings/remediation_advice/remediation_advice.json
@@ -1410,14 +1410,12 @@
 ]
 },
 {
- "id": "exposed_admin_portal",
- "children": [
- {
- "id": "to_internet",
- "remediation_advice": "As a best practice, consider restricting admin portal access to internal users only."
- }
+ "id": "exposed_portal",
+ "remediation_advice": "Implement network-level access controls and authentication gateways to prevent unauthorized access to exposed portals, regardless of privilege level.",
+ "references": [
+ "https://nordlayer.com/learn/access-control/best-practices-and-implementation/"
 ]
- },
+ },
 {
 "id": "fingerprinting_banner_disclosure",
 "remediation_advice": "As a best practice, do not expose the specific software version."
diff --git a/vulnerability-rating-taxonomy.json b/vulnerability-rating-taxonomy.json
index 73873d5..1530e81 100644
--- a/vulnerability-rating-taxonomy.json
+++ b/vulnerability-rating-taxonomy.json
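Review bot: The three new `cvss_v3` vectors under `exposed_portal` encode an assumption that nothing in the mapping states: `admin_portal` is scored as `AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H` (unauthenticated, full-impact compromise) while `protected` carries `C:N/I:N/A:N` (no impact), so the id `admin_portal` is only accurate if it is read as "admin portal reachable without the controls that make `protected` protected". Because the variant ids must match the taxonomy and remediation files changed in this same commit, renaming here would ripple through all three; the cheaper fix is to state the assumption where this subcategory is documented (its remediation_advice entry or the changelog), e.g. "admin_portal / non_admin_portal denote portals reachable from the internet without network restriction or a hardened authentication gateway; protected denotes a portal behind such controls." This hunk is a pure addition, so if this file or any other mapping directory still carries an entry keyed on the old `exposed_admin_portal` / `to_internet` ids it is now orphaned — I cannot see that from the diff, but it is worth a grep.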
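Review bot: The only reference attached to the new `exposed_portal` entry is a single vendor page (nordlayer.com), and the advice text is generic ("network-level access controls and authentication gateways") where the removed `to_internet` advice at least named a concrete control. Since the taxonomy in this commit now distinguishes a `protected` variant, the advice is the natural place to say what counts as protected, e.g. `"remediation_advice": "Restrict portal access to trusted networks (VPN or IP allowlisting) and require strong, multi-factor authentication in front of it; admin portals in particular should not be reachable from the internet without such controls."`, and `references` should favor a vendor-neutral source (OWASP or NIST guidance on access control) over a single vendor blog. The trailing `- },` / `+ },` pair appears to be a whitespace-only change and is harmless, though it suggests the indentation around this entry was already inconsistent.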
@@ -2384,15 +2384,27 @@
 "priority": 5
 },
 {
- "id": "exposed_admin_portal",
- "name": "Exposed Admin Portal",
+ "id": "exposed_portal",
+ "name": "Exposed Portal",
 "type": "subcategory",
 "children": [
 {
- "id": "to_internet",
- "name": "To Internet",
+ "id": "protected",
+ "name": "Protected",
 "type": "variant",
 "priority": 5
+ },
+ {
+ "id": "admin_portal",
+ "name": "Admin Portal",
+ "type": "variant",
+ "priority": 1
+ },
+ {
+ "id": "non_admin_portal",
+ "name": "Non-Admin Portal",
+ "type": "variant",
+ "priority": 3
 }
 ]
 },
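Review bot: The rating of an internet-exposed admin portal jumps from P5 (the removed `to_internet` variant kept the `"priority": 5` context line, which the new `protected` variant now inherits) to P1 for `admin_portal`, and both the subcategory id and its variant id are renamed, which breaks any consumer keying on `exposed_admin_portal` or `to_internet`. If this repository records id changes and priority changes in a versioned changelog, this entry should be called out there with the rationale for the P5-to-P1 move; no changelog change is visible in this diff. The variant names also mix two axes — `"name": "Protected"` describes the control state while `"name": "Admin Portal"` and `"name": "Non-Admin Portal"` describe the portal type — so a triager cannot tell from the name alone that `admin_portal` means an unprotected one; either `"name": "Unprotected Admin Portal"` / `"name": "Unprotected Non-Admin Portal"` or a one-line description in the remediation mapping would remove that ambiguity.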