Knogin
[Domini API]

Vulnerability Domain

The Vulnerability domain provides vulnerability profile management for tracking CVEs and security vulnerabilities within investigations. Profiles include CVE identifiers, CVSS severity scores, affected systems, and refer

Metadati del modulo

The Vulnerability domain provides vulnerability profile management for tracking CVEs and security vulnerabilities within investigations. Profiles include CVE identifiers, CVSS severity scores, affected systems, and refer

Torna a tutti i moduli

Riferimento sorgente

content/modules/domain-vulnerability.md

Ultimo aggiornamento

5 feb 2026

Categoria

Domini API

Checksum del contenuto

32a00f46e4cba2bc

Tag

api-domains

Documentazione renderizzata

Questa pagina renderizza Markdown e Mermaid del modulo direttamente dalla fonte pubblica di documentazione.

Overview#

The Vulnerability domain provides vulnerability profile management for tracking CVEs and security vulnerabilities within investigations. Profiles include CVE identifiers, CVSS severity scores, affected systems, and reference links to support cybersecurity analysis and incident response.

Key Features#

  • CVE Tracking - Create and maintain vulnerability profiles using standard CVE identifiers to catalog known security vulnerabilities relevant to investigations and threat analysis.

  • CVSS Severity Scoring - Record Common Vulnerability Scoring System scores with automatic severity classification (Critical, High, Medium, Low, None) for risk prioritization.

  • Affected Systems - Document which systems, software, and infrastructure components are affected by each vulnerability to understand exposure scope.

  • Reference Management - Link vulnerability profiles to authoritative references including National Vulnerability Database entries, vendor advisories, and technical documentation.

  • Threat Assessment - Assign threat levels and assessments to vulnerability profiles to communicate risk in the context of the broader investigation or organizational security posture.

  • Investigation Linking - Associate vulnerability profiles with active investigations and related target profiles for comprehensive case management.

CVSS Severity Levels#

ScoreSeverity
9.0 - 10.0Critical
7.0 - 8.9High
4.0 - 6.9Medium
0.1 - 3.9Low
0.0None

Use Cases#

  • Incident Response - Catalog vulnerabilities discovered during security incidents to understand the attack surface and inform remediation priorities.

  • Vulnerability Assessment - Track known vulnerabilities affecting organizational systems to support risk management and patching decisions.

  • Cyber Investigation - Document vulnerabilities exploited in cyber attacks as part of investigative case files with full technical context and references.

  • Threat Intelligence - Maintain awareness of critical vulnerabilities that threat actors may exploit, supporting proactive defense planning.

Integration#

The Vulnerability domain connects with security and intelligence capabilities:

  • Threat Intelligence - Vulnerability data enriches threat analysis
  • Profile Management - Vulnerability profiles extend the base profile system
  • Investigation Management - Vulnerabilities link to active investigations
  • Alert System - Critical vulnerability discoveries can trigger notifications

Last Reviewed: 2026-02-05