Class: Weakness
Canonical CWE weakness record (WeaknessType in XSD). Describes a specific type of weakness and the full set of associated information.
URI: cwe:Weakness
classDiagram
class Weakness
click Weakness href "../Weakness/"
Weakness : abstraction
Weakness --> "1" WeaknessAbstraction : abstraction
click WeaknessAbstraction href "../WeaknessAbstraction/"
Weakness : affected_resources
Weakness --> "*" AffectedResource : affected_resources
click AffectedResource href "../AffectedResource/"
Weakness : alternate_terms
Weakness --> "*" AlternateTerm : alternate_terms
click AlternateTerm href "../AlternateTerm/"
Weakness : applicable_platforms
Weakness --> "0..1" ApplicablePlatforms : applicable_platforms
click ApplicablePlatforms href "../ApplicablePlatforms/"
Weakness : background_details
Weakness : common_consequences
Weakness --> "*" CommonConsequence : common_consequences
click CommonConsequence href "../CommonConsequence/"
Weakness : content_history
Weakness --> "1" ContentHistory : content_history
click ContentHistory href "../ContentHistory/"
Weakness : demonstrative_examples
Weakness --> "*" DemonstrativeExample : demonstrative_examples
click DemonstrativeExample href "../DemonstrativeExample/"
Weakness : description
Weakness : detection_methods
Weakness --> "*" DetectionMethod : detection_methods
click DetectionMethod href "../DetectionMethod/"
Weakness : diagram
Weakness : exploitation_factors
Weakness : extended_description
Weakness : functional_areas
Weakness --> "*" FunctionalArea : functional_areas
click FunctionalArea href "../FunctionalArea/"
Weakness : id
Weakness : likelihood_of_exploit
Weakness --> "0..1" LikelihoodLevel : likelihood_of_exploit
click LikelihoodLevel href "../LikelihoodLevel/"
Weakness : mapping_notes
Weakness --> "1" MappingNotes : mapping_notes
click MappingNotes href "../MappingNotes/"
Weakness : modes_of_introduction
Weakness --> "*" ModeOfIntroduction : modes_of_introduction
click ModeOfIntroduction href "../ModeOfIntroduction/"
Weakness : name
Weakness : notes
Weakness --> "*" Note : notes
click Note href "../Note/"
Weakness : observed_examples
Weakness --> "*" ObservedExample : observed_examples
click ObservedExample href "../ObservedExample/"
Weakness : potential_mitigations
Weakness --> "*" PotentialMitigation : potential_mitigations
click PotentialMitigation href "../PotentialMitigation/"
Weakness : references
Weakness --> "*" CWEReference : references
click CWEReference href "../CWEReference/"
Weakness : related_attack_patterns
Weakness : related_weaknesses
Weakness --> "*" RelatedWeakness : related_weaknesses
click RelatedWeakness href "../RelatedWeakness/"
Weakness : source
Weakness : status
Weakness --> "1" WeaknessStatus : status
click WeaknessStatus href "../WeaknessStatus/"
Weakness : structure
Weakness --> "1" WeaknessStructure : structure
click WeaknessStructure href "../WeaknessStructure/"
Weakness : tags
Weakness : taxonomy_mappings
Weakness --> "*" TaxonomyMapping : taxonomy_mappings
click TaxonomyMapping href "../TaxonomyMapping/"
Weakness : weakness_ordinalities
Weakness --> "*" WeaknessOrdinality : weakness_ordinalities
click WeaknessOrdinality href "../WeaknessOrdinality/"
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| id | 1 Integer |
Unique numeric identifier for the CWE entry, category, or view | direct |
| name | 1 String |
Short human-readable name or title for this entity | direct |
| description | 1 String |
Narrative description of the entity | direct |
| extended_description | 0..1 String |
Extended description providing additional details beyond the core concept | direct |
| abstraction | 1 WeaknessAbstraction |
CWE abstraction tier (e | direct |
| structure | 1 WeaknessStructure |
Structural nature of the weakness (Simple, Chain, or Composite) | direct |
| status | 1 WeaknessStatus |
Lifecycle status of the CWE entry, category, or view | direct |
| diagram | 0..1 String |
Optional diagram filename or reference associated with the entry | direct |
| weakness_ordinalities | * WeaknessOrdinality |
Potential ordering relationships of this weakness with others | direct |
| applicable_platforms | 0..1 ApplicablePlatforms |
Languages, OS, architectures, and technologies where this weakness can appear | direct |
| background_details | * String |
Background information relevant but not describing the weakness itself | direct |
| alternate_terms | * AlternateTerm |
Other names by which this weakness is known | direct |
| modes_of_introduction | * ModeOfIntroduction |
Information about how and when this weakness may be introduced | direct |
| exploitation_factors | * String |
Conditions that could increase the likelihood of exploit | direct |
| likelihood_of_exploit | 0..1 LikelihoodLevel |
Qualitative likelihood that the weakness can be exploited | direct |
| common_consequences | * CommonConsequence |
Individual consequences associated with this weakness | direct |
| detection_methods | * DetectionMethod |
Methods that may be employed to detect this weakness | direct |
| potential_mitigations | * PotentialMitigation |
Potential mitigations associated with this weakness | direct |
| demonstrative_examples | * DemonstrativeExample |
Code examples illustrating how this weakness may appear | direct |
| observed_examples | * ObservedExample |
Real-world instances of this weakness | direct |
| functional_areas | * FunctionalArea |
Functional areas in which this weakness is most likely to occur | direct |
| affected_resources | * AffectedResource |
System resources that can be affected by exploiting this weakness | direct |
| taxonomy_mappings | * TaxonomyMapping |
Mappings to equivalent entries in external taxonomies | direct |
| related_attack_patterns | * Integer |
CAPEC identifiers of attack patterns associated with this weakness | direct |
| related_weaknesses | * RelatedWeakness |
Typed relationships to other CWE entries | direct |
| references | * CWEReference |
Links to external references defined in the catalog | direct |
| mapping_notes | 1 MappingNotes |
Guidance for when and whether to map an issue to this entry | direct |
| notes | * Note |
Additional comments about this entry | direct |
| content_history | 1 ContentHistory |
Tracks the original author and subsequent modifications | direct |
| tags | * String |
Free-form tags for grouping and downstream filtering | direct |
| source | 0..1 String |
Source or origin of the data | direct |
Usages
| used by | used in | type | used |
|---|---|---|---|
| WeaknessCatalog | weaknesses | range | Weakness |
| NVDWeaknessObservation | weakness | range | Weakness |
In Subsets
See Also
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/cwe
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | cwe:Weakness |
| native | cwe:Weakness |
| exact | WIKIDATA:Q429785 |
| related | cve:cwe_id |
| close | schema:DefinedTerm, cve:ProblemType, cve:ProblemTypeDescription, cve:problem_description |
LinkML Source
Direct
name: Weakness
description: Canonical CWE weakness record (WeaknessType in XSD). Describes a specific
type of weakness and the full set of associated information.
in_subset:
- cwe_dictionary
from_schema: https://w3id.org/lmodel/cwe
see_also:
- https://cwe.mitre.org/data/index.html
exact_mappings:
- WIKIDATA:Q429785
close_mappings:
- schema:DefinedTerm
- cve:ProblemType
- cve:ProblemTypeDescription
- cve:problem_description
related_mappings:
- cve:cwe_id
slots:
- id
- name
- description
- extended_description
- abstraction
- structure
- status
- diagram
- weakness_ordinalities
- applicable_platforms
- background_details
- alternate_terms
- modes_of_introduction
- exploitation_factors
- likelihood_of_exploit
- common_consequences
- detection_methods
- potential_mitigations
- demonstrative_examples
- observed_examples
- functional_areas
- affected_resources
- taxonomy_mappings
- related_attack_patterns
- related_weaknesses
- references
- mapping_notes
- notes
- content_history
- tags
- source
slot_usage:
id:
name: id
identifier: true
required: true
name:
name: name
required: true
description:
name: description
required: true
abstraction:
name: abstraction
required: true
structure:
name: structure
required: true
status:
name: status
required: true
mapping_notes:
name: mapping_notes
required: true
content_history:
name: content_history
required: true
Induced
name: Weakness
description: Canonical CWE weakness record (WeaknessType in XSD). Describes a specific
type of weakness and the full set of associated information.
in_subset:
- cwe_dictionary
from_schema: https://w3id.org/lmodel/cwe
see_also:
- https://cwe.mitre.org/data/index.html
exact_mappings:
- WIKIDATA:Q429785
close_mappings:
- schema:DefinedTerm
- cve:ProblemType
- cve:ProblemTypeDescription
- cve:problem_description
related_mappings:
- cve:cwe_id
slot_usage:
id:
name: id
identifier: true
required: true
name:
name: name
required: true
description:
name: description
required: true
abstraction:
name: abstraction
required: true
structure:
name: structure
required: true
status:
name: status
required: true
mapping_notes:
name: mapping_notes
required: true
content_history:
name: content_history
required: true
attributes:
id:
name: id
description: Unique numeric identifier for the CWE entry, category, or view.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
slot_uri: dct:identifier
identifier: true
alias: id
owner: Weakness
domain_of:
- Weakness
- Category
- View
range: integer
required: true
name:
name: name
description: Short human-readable name or title for this entity.
from_schema: https://w3id.org/lmodel/cwe
aliases:
- label
rank: 1000
slot_uri: rdfs:label
alias: name
owner: Weakness
domain_of:
- WeaknessCatalog
- Weakness
- Category
- View
- LanguagePlatform
- OSPlatform
- ArchitecturePlatform
- TechnologyPlatform
- PreviousEntryName
range: string
required: true
description:
name: description
description: Narrative description of the entity.
from_schema: https://w3id.org/lmodel/cwe
exact_mappings:
- schema:description
rank: 1000
slot_uri: dct:description
alias: description
owner: Weakness
domain_of:
- Weakness
- WeaknessOrdinality
- AlternateTerm
- DetectionMethod
- PotentialMitigation
- ObservedExample
- Audience
range: string
required: true
extended_description:
name: extended_description
description: Extended description providing additional details beyond the core
concept.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: extended_description
owner: Weakness
domain_of:
- Weakness
range: string
abstraction:
name: abstraction
description: CWE abstraction tier (e.g. Base or Variant).
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
slot_uri: skos:broader
alias: abstraction
owner: Weakness
domain_of:
- Weakness
range: WeaknessAbstraction
required: true
structure:
name: structure
description: Structural nature of the weakness (Simple, Chain, or Composite).
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: structure
owner: Weakness
domain_of:
- Weakness
range: WeaknessStructure
required: true
status:
name: status
description: Lifecycle status of the CWE entry, category, or view.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: status
owner: Weakness
domain_of:
- Weakness
- Category
- View
range: WeaknessStatus
required: true
diagram:
name: diagram
description: Optional diagram filename or reference associated with the entry.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: diagram
owner: Weakness
domain_of:
- Weakness
range: string
weakness_ordinalities:
name: weakness_ordinalities
description: Potential ordering relationships of this weakness with others.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: weakness_ordinalities
owner: Weakness
domain_of:
- Weakness
range: WeaknessOrdinality
multivalued: true
inlined: true
inlined_as_list: true
applicable_platforms:
name: applicable_platforms
description: Languages, OS, architectures, and technologies where this weakness
can appear.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: applicable_platforms
owner: Weakness
domain_of:
- Weakness
range: ApplicablePlatforms
inlined: true
background_details:
name: background_details
description: Background information relevant but not describing the weakness itself.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: background_details
owner: Weakness
domain_of:
- Weakness
range: string
multivalued: true
alternate_terms:
name: alternate_terms
description: Other names by which this weakness is known.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: alternate_terms
owner: Weakness
domain_of:
- Weakness
range: AlternateTerm
multivalued: true
inlined: true
inlined_as_list: true
modes_of_introduction:
name: modes_of_introduction
description: Information about how and when this weakness may be introduced.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: modes_of_introduction
owner: Weakness
domain_of:
- Weakness
range: ModeOfIntroduction
multivalued: true
inlined: true
inlined_as_list: true
exploitation_factors:
name: exploitation_factors
description: Conditions that could increase the likelihood of exploit.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: exploitation_factors
owner: Weakness
domain_of:
- Weakness
range: string
multivalued: true
likelihood_of_exploit:
name: likelihood_of_exploit
description: Qualitative likelihood that the weakness can be exploited.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: likelihood_of_exploit
owner: Weakness
domain_of:
- Weakness
range: LikelihoodLevel
common_consequences:
name: common_consequences
description: Individual consequences associated with this weakness.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: common_consequences
owner: Weakness
domain_of:
- Weakness
range: CommonConsequence
multivalued: true
inlined: true
inlined_as_list: true
detection_methods:
name: detection_methods
description: Methods that may be employed to detect this weakness.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: detection_methods
owner: Weakness
domain_of:
- Weakness
range: DetectionMethod
multivalued: true
inlined: true
inlined_as_list: true
potential_mitigations:
name: potential_mitigations
description: Potential mitigations associated with this weakness.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: potential_mitigations
owner: Weakness
domain_of:
- Weakness
range: PotentialMitigation
multivalued: true
inlined: true
inlined_as_list: true
demonstrative_examples:
name: demonstrative_examples
description: Code examples illustrating how this weakness may appear.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: demonstrative_examples
owner: Weakness
domain_of:
- Weakness
range: DemonstrativeExample
multivalued: true
inlined: true
inlined_as_list: true
observed_examples:
name: observed_examples
description: Real-world instances of this weakness.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: observed_examples
owner: Weakness
domain_of:
- Weakness
range: ObservedExample
multivalued: true
inlined: true
inlined_as_list: true
functional_areas:
name: functional_areas
description: Functional areas in which this weakness is most likely to occur.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: functional_areas
owner: Weakness
domain_of:
- Weakness
range: FunctionalArea
multivalued: true
affected_resources:
name: affected_resources
description: System resources that can be affected by exploiting this weakness.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: affected_resources
owner: Weakness
domain_of:
- Weakness
range: AffectedResource
multivalued: true
taxonomy_mappings:
name: taxonomy_mappings
description: Mappings to equivalent entries in external taxonomies.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: taxonomy_mappings
owner: Weakness
domain_of:
- Weakness
- Category
range: TaxonomyMapping
multivalued: true
inlined: true
inlined_as_list: true
related_attack_patterns:
name: related_attack_patterns
description: CAPEC identifiers of attack patterns associated with this weakness.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
slot_uri: skos:related
alias: related_attack_patterns
owner: Weakness
domain_of:
- Weakness
range: integer
multivalued: true
related_weaknesses:
name: related_weaknesses
description: Typed relationships to other CWE entries.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: related_weaknesses
owner: Weakness
domain_of:
- Weakness
range: RelatedWeakness
multivalued: true
inlined: true
inlined_as_list: true
references:
name: references
description: Links to external references defined in the catalog.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: references
owner: Weakness
domain_of:
- Weakness
- Category
- View
- DemonstrativeExample
range: CWEReference
multivalued: true
inlined: true
inlined_as_list: true
mapping_notes:
name: mapping_notes
description: Guidance for when and whether to map an issue to this entry.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: mapping_notes
owner: Weakness
domain_of:
- Weakness
- Category
- View
range: MappingNotes
required: true
inlined: true
notes:
name: notes
description: Additional comments about this entry.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
slot_uri: skos:note
alias: notes
owner: Weakness
domain_of:
- Weakness
- Category
- View
range: Note
multivalued: true
inlined: true
inlined_as_list: true
content_history:
name: content_history
description: Tracks the original author and subsequent modifications.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: content_history
owner: Weakness
domain_of:
- Weakness
- Category
- View
range: ContentHistory
required: true
inlined: true
tags:
name: tags
description: Free-form tags for grouping and downstream filtering.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
alias: tags
owner: Weakness
domain_of:
- Weakness
range: string
multivalued: true
source:
name: source
description: Source or origin of the data.
from_schema: https://w3id.org/lmodel/cwe
rank: 1000
slot_uri: dct:source
alias: source
owner: Weakness
domain_of:
- Weakness
- NVDWeaknessObservation
range: string