====== Vulnerability ======

===== Definition #1 =====

A **Vulnerability** is a [[dido:public:ra:xapend:xapend.a_glossary:c:cyber_security]] term that refers to a flaw in a system that can leave it open to attack. A vulnerability may also refer to any type of [[dido:public:ra:xapend:xapend.a_glossary:w:weakness]] in a computer system itself, in a set of [[dido:public:ra:xapend:xapend.a_glossary:b:business_process| Business Processes]], or in anything that leaves information security exposed to a cyberthreat.

Source: [[https://www.techopedia.com/definition/13484/vulnerability]]

===== Definition #2 =====

A [[dido:public:ra:xapend:xapend.a_glossary:w:weakness]] or flaw in the functional behavior of a vulnerable computational [[dido:public:ra:xapend:xapend.a_glossary:c:component]] ([[dido:public:ra:xapend:xapend.a_glossary:s:software]] or [[dido:public:ra:xapend:xapend.a_glossary:h:hardware]]) that can be exploited, resulting in a negative impact to the [[dido:public:ra:xapend:xapend.a_glossary:c:cia]] of an impacted Component.

Source: [[https://www.first.org/cvss/user-guide#Glossary-of-Terms]]