Frameworx Home

Application Framework (TAM)

Business Process Framework (eTOM)

Business Process Framework Flows

Information Framework (SID)

Business Metrics High Level

All Diagrams

Frameworx Processes

Frameworx Applications

Information Framework ABEs

Frameworx Metrics

Views

Frameworx Information: SecurityVulnerability

Alternate Name: Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE

Category: [a] Class

Description

An information security #@#@vulnerability#@#@ is a mistake in software that can be directly used by a hacker to gain access to a system or network. \n\nCVE considers a mistake a vulnerability if it allows an attacker to use it to violate a reasonable security policy for that system (this excludes excluding entirely #@#@open#@#@ security policies in which all users are trusted, or where there is no consideration of risk to the system). \n\nFor CVE, a vulnerability is a state in a computing system (or set of systems) that either: \n\n · allows an attacker to execute commands as another user \n · allows an attacker to access data that is contrary to the specified access restrictions for that data \n · allows an attacker to pose as another entity \n · allows an attacker to conduct a denial of service \n\nsource: http://cve.mitre.org

[a] Class SecurityVulnerability

Issues

  • Information Framework 12.0 Addition
  • Information Framework 12.5 Modification

Frameworx Domains


This was created from the Frameworx 16.0 Model


Created from the TM Forum Model Frameworx 16.0.0 on 6/13/2016 at 22:48