definition.json

{
  "requiredOneOf": [
    "vulnerable_configuration",
    "description",
    "poc"
  ],
  "attributes": {
    "description": {
      "description": "Description of the exploit - proof of concept",
      "ui-priority": 0,
      "misp-attribute": "text"
    },
    "vulnerable_configuration": {
      "description": "The vulnerable configuration described in CPE format where the exploit/proof of concept is valid",
      "multiple": true,
      "ui-priority": 0,
      "misp-attribute": "text"
    },
    "author": {
      "description": "Author of the exploit - proof of concept",
      "ui-priority": 0,
      "disable_correlation": true,
      "misp-attribute": "text",
      "multiple": true
    },
    "references": {
      "description": "External references",
      "multiple": true,
      "ui-priority": 0,
      "misp-attribute": "link"
    },
    "poc": {
      "description": "Proof of Concept or exploit (as a script, binary or described process)",
      "ui-priority": 0,
      "misp-attribute": "attachment",
      "disable_correlation": true,
      "multiple": true
    }
  },
  "version": 2,
  "description": "Exploit-poc object describing a proof of concept or exploit of a vulnerability. This object has often a relationship with a vulnerability object.",
  "meta-category": "vulnerability",
  "uuid": "e3bdeef8-78c3-48d8-9c2f-1be5e5bde93b",
  "name": "exploit-poc"
}