Knogin
[Domeny API]

Vulnerability Domain

The Vulnerability domain provides vulnerability profile management for tracking CVEs and security vulnerabilities within investigations.

Metadane modulu

The Vulnerability domain provides vulnerability profile management for tracking CVEs and security vulnerabilities within investigations.

Powrót do wszystkich modułów

Odwolanie do zrodla

content/modules/domain-vulnerability.md

Ostatnia aktualizacja

5 lut 2026

Kategoria

Domeny API

Suma kontrolna tresci

32a00f46e4cba2bc

Tagi

api-domains

Renderowana dokumentacja

Ta strona renderuje Markdown i Mermaid modulu bezposrednio z publicznego zrodla dokumentacji.

Overview#

The Vulnerability domain provides vulnerability profile management for tracking CVEs and security vulnerabilities within investigations. Profiles include CVE identifiers, CVSS severity scores, affected systems, and reference links to support cybersecurity analysis and incident response.

Key Features#

  • CVE Tracking - Create and maintain vulnerability profiles using standard CVE identifiers to catalog known security vulnerabilities relevant to investigations and threat analysis.

  • CVSS Severity Scoring - Record Common Vulnerability Scoring System scores with automatic severity classification (Critical, High, Medium, Low, None) for risk prioritization.

  • Affected Systems - Document which systems, software, and infrastructure components are affected by each vulnerability to understand exposure scope.

  • Reference Management - Link vulnerability profiles to authoritative references including National Vulnerability Database entries, vendor advisories, and technical documentation.

  • Threat Assessment - Assign threat levels and assessments to vulnerability profiles to communicate risk in the context of the broader investigation or organizational security posture.

  • Investigation Linking - Associate vulnerability profiles with active investigations and related target profiles for comprehensive case management.

CVSS Severity Levels#

ScoreSeverity
9.0 - 10.0Critical
7.0 - 8.9High
4.0 - 6.9Medium
0.1 - 3.9Low
0.0None

Use Cases#

  • Incident Response - Catalog vulnerabilities discovered during security incidents to understand the attack surface and inform remediation priorities.

  • Vulnerability Assessment - Track known vulnerabilities affecting organizational systems to support risk management and patching decisions.

  • Cyber Investigation - Document vulnerabilities exploited in cyber attacks as part of investigative case files with full technical context and references.

  • Threat Intelligence - Maintain awareness of critical vulnerabilities that threat actors may exploit, supporting proactive defense planning.

Integration#

The Vulnerability domain connects with security and intelligence capabilities:

  • Threat Intelligence - Vulnerability data enriches threat analysis
  • Profile Management - Vulnerability profiles extend the base profile system
  • Investigation Management - Vulnerabilities link to active investigations
  • Alert System - Critical vulnerability discoveries can trigger notifications

Last Reviewed: 2026-02-05