Class: Advisory
The Advisory object represents publicly disclosed cybersecurity vulnerabilities
defined in a Security advisory. e.g. Microsoft KB Article,
Apple Security Advisory, or a GitHub Security Advisory
(GHSA)
URI: ocsf:Advisory
classDiagram
class Advisory
click Advisory href "../Advisory/"
Object <|-- Advisory
click Object href "../Object/"
Advisory : avg_timespan
Advisory --> "0..1" Timespan : avg_timespan
click Timespan href "../Timespan/"
Advisory : bulletin
Advisory : classification
Advisory : created_time
Advisory : desc
Advisory : install_state
Advisory : install_state_id
Advisory --> "0..1 _recommended_" InstallStateIdEnum : install_state_id
click InstallStateIdEnum href "../InstallStateIdEnum/"
Advisory : is_superseded
Advisory : modified_time
Advisory : os
Advisory --> "0..1 _recommended_" Os : os
click Os href "../Os/"
Advisory : product
Advisory --> "0..1" Product : product
click Product href "../Product/"
Advisory : references
Advisory : related_cves
Advisory --> "*" Cve : related_cves
click Cve href "../Cve/"
Advisory : related_cwes
Advisory --> "*" Cwe : related_cwes
click Cwe href "../Cwe/"
Advisory : size
Advisory : src_url
Advisory : title
Advisory : uid
Inheritance
- OcsfObject
- Object
- Advisory
- Object
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| avg_timespan | 0..1 Timespan |
The average time to patch | direct |
| bulletin | 0..1 String |
The Advisory bulletin identifier | direct |
| classification | 0..1 String |
The vendors classification of the Advisory | direct |
| created_time | 0..1 recommended TimestampT |
The time when the Advisory record was created | direct |
| desc | 0..1 String |
A brief description of the Advisory Record | direct |
| install_state | 0..1 recommended String |
The install state of the Advisory | direct |
| install_state_id | 0..1 recommended InstallStateIdEnum |
The normalized install state ID of the Advisory | direct |
| is_superseded | 0..1 Boolean |
The Advisory has been replaced by another | direct |
| modified_time | 0..1 TimestampT |
The time when the Advisory record was last updated | direct |
| os | 0..1 recommended Os |
The operating system the Advisory applies to | direct |
| product | 0..1 Product |
The product where the vulnerability was discovered | direct |
| references | * recommended String |
A list of reference URLs with additional information about the vulnerabilitie... | direct |
| related_cves | * Cve |
A list of Common Vulnerabilities and Exposures <a target='_blank' | direct |
| related_cwes | * Cwe |
A list of Common Weakness Enumeration <a target='_blank' | direct |
| size | 0..1 Integer |
The size in bytes for the Advisory | direct |
| src_url | 0..1 UrlT |
The Advisory link from the source vendor | direct |
| title | 0..1 recommended String |
A title or a brief phrase summarizing the Advisory | direct |
| uid | 1 String |
The unique identifier assigned to the advisory or disclosed vulnerability, e | direct |
Usages
| used by | used in | type | used |
|---|---|---|---|
| Vulnerability | advisory | range | Advisory |
In Subsets
Aliases
- Advisory
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/ocsf
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | ocsf:Advisory |
| native | ocsf:Advisory |
| close | cve:CnaPublishedContainer |
LinkML Source
Direct
name: Advisory
description: 'The Advisory object represents publicly disclosed cybersecurity vulnerabilities
defined in a Security advisory. e.g. <code> Microsoft KB Article</code>,
<code>Apple Security Advisory</code>, or a <code>GitHub Security Advisory
(GHSA)</code>'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Advisory
close_mappings:
- cve:CnaPublishedContainer
is_a: Object
slots:
- avg_timespan
- bulletin
- classification
- created_time
- desc
- install_state
- install_state_id
- is_superseded
- modified_time
- os
- product
- references
- related_cves
- related_cwes
- size
- src_url
- title
- uid
slot_usage:
avg_timespan:
name: avg_timespan
description: The average time to patch.
bulletin:
name: bulletin
description: The Advisory bulletin identifier.
classification:
name: classification
description: The vendors classification of the Advisory.
created_time:
name: created_time
description: The time when the Advisory record was created.
recommended: true
desc:
name: desc
description: A brief description of the Advisory Record.
install_state:
name: install_state
description: The install state of the Advisory.
recommended: true
install_state_id:
name: install_state_id
description: The normalized install state ID of the Advisory.
recommended: true
is_superseded:
name: is_superseded
description: The Advisory has been replaced by another.
modified_time:
name: modified_time
description: The time when the Advisory record was last updated.
os:
name: os
description: The operating system the Advisory applies to.
recommended: true
product:
name: product
description: The product where the vulnerability was discovered.
references:
name: references
description: 'A list of reference URLs with additional information about the vulnerabilities
disclosed in the Advisory.'
recommended: true
related_cves:
name: related_cves
description: 'A list of Common Vulnerabilities and Exposures <a target=''_blank''
href=''https://cve.mitre.org/''>(CVE)</a> identifiers related to the
vulnerabilities disclosed in the Advisory.'
related_cwes:
name: related_cwes
description: 'A list of Common Weakness Enumeration <a target=''_blank''
href=''https://cwe.mitre.org/''>(CWE)</a> identifiers related to the
vulnerabilities disclosed in the Advisory.'
size:
name: size
description: The size in bytes for the Advisory. Usually populated for a KB Article
patch.
src_url:
name: src_url
description: The Advisory link from the source vendor.
title:
name: title
description: A title or a brief phrase summarizing the Advisory.
recommended: true
uid:
name: uid
description: 'The unique identifier assigned to the advisory or disclosed vulnerability,
e.g,
<code>GHSA-5mrr-rgp6-x4gr</code>.'
required: true
Induced
name: Advisory
description: 'The Advisory object represents publicly disclosed cybersecurity vulnerabilities
defined in a Security advisory. e.g. <code> Microsoft KB Article</code>,
<code>Apple Security Advisory</code>, or a <code>GitHub Security Advisory
(GHSA)</code>'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Advisory
close_mappings:
- cve:CnaPublishedContainer
is_a: Object
slot_usage:
avg_timespan:
name: avg_timespan
description: The average time to patch.
bulletin:
name: bulletin
description: The Advisory bulletin identifier.
classification:
name: classification
description: The vendors classification of the Advisory.
created_time:
name: created_time
description: The time when the Advisory record was created.
recommended: true
desc:
name: desc
description: A brief description of the Advisory Record.
install_state:
name: install_state
description: The install state of the Advisory.
recommended: true
install_state_id:
name: install_state_id
description: The normalized install state ID of the Advisory.
recommended: true
is_superseded:
name: is_superseded
description: The Advisory has been replaced by another.
modified_time:
name: modified_time
description: The time when the Advisory record was last updated.
os:
name: os
description: The operating system the Advisory applies to.
recommended: true
product:
name: product
description: The product where the vulnerability was discovered.
references:
name: references
description: 'A list of reference URLs with additional information about the vulnerabilities
disclosed in the Advisory.'
recommended: true
related_cves:
name: related_cves
description: 'A list of Common Vulnerabilities and Exposures <a target=''_blank''
href=''https://cve.mitre.org/''>(CVE)</a> identifiers related to the
vulnerabilities disclosed in the Advisory.'
related_cwes:
name: related_cwes
description: 'A list of Common Weakness Enumeration <a target=''_blank''
href=''https://cwe.mitre.org/''>(CWE)</a> identifiers related to the
vulnerabilities disclosed in the Advisory.'
size:
name: size
description: The size in bytes for the Advisory. Usually populated for a KB Article
patch.
src_url:
name: src_url
description: The Advisory link from the source vendor.
title:
name: title
description: A title or a brief phrase summarizing the Advisory.
recommended: true
uid:
name: uid
description: 'The unique identifier assigned to the advisory or disclosed vulnerability,
e.g,
<code>GHSA-5mrr-rgp6-x4gr</code>.'
required: true
attributes:
avg_timespan:
name: avg_timespan
description: The average time to patch.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Average Timespan
rank: 1000
alias: avg_timespan
owner: Advisory
domain_of:
- Advisory
- KbArticle
range: Timespan
bulletin:
name: bulletin
description: The Advisory bulletin identifier.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Patch Bulletin
rank: 1000
alias: bulletin
owner: Advisory
domain_of:
- Advisory
- KbArticle
range: string
classification:
name: classification
description: The vendors classification of the Advisory.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Classification
rank: 1000
alias: classification
owner: Advisory
domain_of:
- Advisory
- KbArticle
- LoadBalancer
- DroneFlightsActivity
range: string
created_time:
name: created_time
description: The time when the Advisory record was created.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Created Time
rank: 1000
alias: created_time
owner: Advisory
domain_of:
- Osint
- RelatedEvent
- Sbom
- Scim
- Session
- Sso
- Token
- Whois
- Resource
- Advisory
- AuthenticationToken
- Certificate
- Cve
- Database
- Databucket
- DigitalSignature
- Enrichment
- Epss
- File
- FindingObject
- FindingInfo
- Job
- KbArticle
- LdapPerson
- ProcessEntity
- Table
- Device
range: TimestampT
recommended: true
desc:
name: desc
description: A brief description of the Advisory Record.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Description
rank: 1000
alias: desc
owner: Advisory
domain_of:
- Osint
- RelatedEvent
- Remediation
- Vulnerability
- Advisory
- Analytic
- ApplicationObject
- Assessment
- Check
- CisBenchmark
- CisBenchmarkResult
- CisControl
- Compliance
- Cve
- Database
- Databucket
- Enrichment
- File
- FindingObject
- FindingInfo
- Graph
- Group
- Job
- Location
- Node
- Policy
- Rule
- Table
- WebResource
- Device
- IncidentFinding
range: string
install_state:
name: install_state
description: The install state of the Advisory.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Install State
rank: 1000
alias: install_state
owner: Advisory
domain_of:
- Advisory
- KbArticle
range: string
recommended: true
install_state_id:
name: install_state_id
annotations:
sibling:
tag: sibling
value: install_state
description: The normalized install state ID of the Advisory.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Install State ID
rank: 1000
alias: install_state_id
owner: Advisory
domain_of:
- Advisory
- KbArticle
range: InstallStateIdEnum
recommended: true
is_superseded:
name: is_superseded
description: The Advisory has been replaced by another.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- The patch is superseded.
rank: 1000
alias: is_superseded
owner: Advisory
domain_of:
- Advisory
- KbArticle
range: boolean
modified_time:
name: modified_time
description: The time when the Advisory record was last updated.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Modified Time
rank: 1000
alias: modified_time
owner: Advisory
domain_of:
- Osint
- RelatedEvent
- Scim
- Sso
- Token
- Resource
- Advisory
- Cve
- Database
- Databucket
- File
- FindingObject
- FindingInfo
- LdapPerson
- Metadata
- Table
- Device
- RegKey
- RegValue
range: TimestampT
os:
name: os
description: The operating system the Advisory applies to.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- OS
rank: 1000
alias: os
owner: Advisory
domain_of:
- Advisory
- Endpoint
- KbArticle
range: Os
recommended: true
product:
name: product
description: The product where the vulnerability was discovered.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Product
rank: 1000
alias: product
owner: Advisory
domain_of:
- RelatedEvent
- Sbom
- Advisory
- Cve
- File
- FindingObject
- FindingInfo
- KbArticle
- Logger
- Metadata
- TransformationInfo
- SoftwareInfo
range: Product
references:
name: references
description: 'A list of reference URLs with additional information about the vulnerabilities
disclosed in the Advisory.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- References
rank: 1000
alias: references
owner: Advisory
domain_of:
- Osint
- Remediation
- Vulnerability
- Advisory
- Cve
range: string
recommended: true
multivalued: true
related_cves:
name: related_cves
description: 'A list of Common Vulnerabilities and Exposures <a target=''_blank''
href=''https://cve.mitre.org/''>(CVE)</a> identifiers related to the
vulnerabilities disclosed in the Advisory.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Related CVEs
rank: 1000
alias: related_cves
owner: Advisory
domain_of:
- Advisory
range: Cve
multivalued: true
related_cwes:
name: related_cwes
description: 'A list of Common Weakness Enumeration <a target=''_blank''
href=''https://cwe.mitre.org/''>(CWE)</a> identifiers related to the
vulnerabilities disclosed in the Advisory.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Related CWEs
rank: 1000
alias: related_cwes
owner: Advisory
domain_of:
- Advisory
- Cve
range: Cwe
multivalued: true
size:
name: size
description: The size in bytes for the Advisory. Usually populated for a KB Article
patch.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Size
rank: 1000
alias: size
owner: Advisory
domain_of:
- Advisory
- Container
- DataClassification
- Database
- Databucket
- Email
- File
- KbArticle
- Table
- MalwareScanInfo
- MemoryActivity
range: integer
src_url:
name: src_url
description: The Advisory link from the source vendor.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Source URL
rank: 1000
alias: src_url
owner: Advisory
domain_of:
- Osint
- Package
- Ticket
- Advisory
- Cvss
- Cwe
- D3fTactic
- D3fTechnique
- DataClassification
- Enrichment
- FindingObject
- FindingInfo
- KbArticle
- Mitigation
- SubTechnique
- Tactic
- Technique
- IncidentProfile
- IncidentFinding
range: UrlT
title:
name: title
description: A title or a brief phrase summarizing the Advisory.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Title
rank: 1000
alias: title
owner: Advisory
domain_of:
- RelatedEvent
- Ticket
- Vulnerability
- Advisory
- Cve
- FindingObject
- FindingInfo
- KbArticle
range: string
recommended: true
uid:
name: uid
description: 'The unique identifier assigned to the advisory or disclosed vulnerability,
e.g,
<code>GHSA-5mrr-rgp6-x4gr</code>.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Unique ID
rank: 1000
alias: uid
owner: Advisory
domain_of:
- Osint
- Package
- ProgrammaticCredential
- RelatedEvent
- Request
- Sbom
- Scim
- Script
- Session
- Span
- Sso
- Ticket
- Token
- Trace
- Entity
- Resource
- Account
- Advisory
- Agent
- AiModel
- Aircraft
- Analytic
- ApplicationObject
- Assessment
- Certificate
- Check
- ClassifierDetails
- Container
- Cve
- Cwe
- D3fTactic
- D3fTechnique
- DataClassification
- Database
- Databucket
- DomainContact
- Edge
- Email
- Endpoint
- Evidences
- Extension
- Feature
- File
- FindingObject
- FindingInfo
- Graph
- Group
- HttpRequest
- Idp
- Image
- KbArticle
- LoadBalancer
- Logger
- Malware
- ManagedEntity
- MessageContext
- Metadata
- Mitigation
- NetworkConnectionInfo
- NetworkEndpoint
- NetworkInterface
- Node
- Organization
- PeripheralDevice
- Policy
- ProcessEntity
- Product
- QueryInfo
- Reporter
- Rule
- Scan
- Service
- SubTechnique
- Table
- Tactic
- Technique
- Trait
- TransformationInfo
- UnmannedAerialSystem
- User
- WebResource
- Device
- WinResource
range: string
required: true