Page 163

The University of SydneyPage 14Vulnerabilities–Definition of Vulnerability–“A weakness of an asset or group of assets that can be exploited by one or more threats” [ISO/IEC 13335-1:2004]–“A security vulnerability is a weakness in a product that could allow an attacker to compromise the integrity, availability, or confidentiality of that product.”[Microsoft Security Response Centre -https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)?redirectedfrom=MSDN]–Vulnerabilities exist in hardware, software and data–CVE (Common Vulnerabilities and Exposures database)http://cve.mitre.org/cve/