It is the instance of a particular SecurityVulnerability that has been classified into one of the three categories (software flaw, software feature misuse, or software configuration issue).

Notes: For example (hypothetically), Internet Explorer could have a bug that is categorized as a software flaw. There can be vulnerabilities that have one or more of the three category types associated with it. In this case, the vulnerability would be scored for all three types.

Attributes
SecurityVulnerability	securityVulnerability
SecurityVulnerabilityCategoryType	securityVulnerabilityCategoryType
SecurityVulnerabilityMetric	securityVulnerabilityMetric
SecVulnerabilityScoringSystem	secVulnerabilityScoringDefn
«baseType» TimePeriod	validFor	The period of time that the security vulnerability is active.

 securityVulnerability

Public SecurityVulnerability securityVulnerability

Constraints:

Properties:

Aggregation	None
Alias
Association	SecurityVulnerabilityAssigned
Association End
Class	SecurityVulnerabilityCategoryAssignment
Datatype
Default
Default Value
Is Composite	false
Is Derived	false
Is Derived Union	false
Is Leaf	false
Is Ordered	false
Is Read Only	false
Is Static	false
Is Unique	true
Keywords
Lower	1
Lower Value	(1)
Multiplicity	1
Name	securityVulnerability
Name Expression
Namespace	SecurityVulnerabilityCategoryAssignment
Opposite	securityVulnerabilityCategory
Owner	SecurityVulnerabilityCategoryAssignment
Owning Association
Owning Template Parameter
Qualified Name	SID Models::Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::SecurityVulnerabilityCategoryAssignment::securityVulnerability
Stereotype
Template Parameter
Type	SecurityVulnerability
Upper	1
Upper Value	(1)
Visibility	Public

 securityVulnerabilityCategoryType

Public SecurityVulnerabilityCategoryType securityVulnerabilityCategoryType

Constraints:

Properties:

Aggregation	None
Alias
Association	SecurityVulnerabilityCategoryTypeDescribes
Association End
Class	SecurityVulnerabilityCategoryAssignment
Datatype
Default
Default Value
Is Composite	false
Is Derived	false
Is Derived Union	false
Is Leaf	false
Is Ordered	false
Is Read Only	false
Is Static	false
Is Unique	true
Keywords
Lower	1
Lower Value	(1)
Multiplicity	1
Name	securityVulnerabilityCategoryType
Name Expression
Namespace	SecurityVulnerabilityCategoryAssignment
Opposite	securityVulnerabilityCategory
Owner	SecurityVulnerabilityCategoryAssignment
Owning Association
Owning Template Parameter
Qualified Name	SID Models::Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::SecurityVulnerabilityCategoryAssignment::securityVulnerabilityCategoryType
Stereotype
Template Parameter
Type	SecurityVulnerabilityCategoryType
Upper	1
Upper Value	(1)
Visibility	Public

 securityVulnerabilityMetric

Public SecurityVulnerabilityMetric securityVulnerabilityMetric

Constraints:

Properties:

Aggregation	None
Alias
Association	SecurityVulnerabilityMetricAssignedTo
Association End
Class	SecurityVulnerabilityCategoryAssignment
Datatype
Default
Default Value
Is Composite	false
Is Derived	false
Is Derived Union	false
Is Leaf	false
Is Ordered	false
Is Read Only	false
Is Static	false
Is Unique	true
Keywords
Lower	0
Lower Value	(0)
Multiplicity	*
Name	securityVulnerabilityMetric
Name Expression
Namespace	SecurityVulnerabilityCategoryAssignment
Opposite	securityVulnerabilityCategory
Owner	SecurityVulnerabilityCategoryAssignment
Owning Association
Owning Template Parameter
Qualified Name	SID Models::Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::SecurityVulnerabilityCategoryAssignment::securityVulnerabilityMetric
Stereotype
Template Parameter
Type	SecurityVulnerabilityMetric
Upper	*
Upper Value	(*)
Visibility	Public

 secVulnerabilityScoringDefn

Public SecVulnerabilityScoringSystem secVulnerabilityScoringDefn

Constraints:

Properties:

Aggregation	None
Alias
Association	SecurityVulnerabilityCategoryScoredUsing
Association End
Class	SecurityVulnerabilityCategoryAssignment
Datatype
Default
Default Value
Is Composite	false
Is Derived	false
Is Derived Union	false
Is Leaf	false
Is Ordered	false
Is Read Only	false
Is Static	false
Is Unique	true
Keywords
Lower	0
Lower Value	(0)
Multiplicity	*
Name	secVulnerabilityScoringDefn
Name Expression
Namespace	SecurityVulnerabilityCategoryAssignment
Opposite	securityVulnerabilityCategory
Owner	SecurityVulnerabilityCategoryAssignment
Owning Association
Owning Template Parameter
Qualified Name	SID Models::Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::SecurityVulnerabilityCategoryAssignment::secVulnerabilityScoringDefn
Stereotype
Template Parameter
Type	SecVulnerabilityScoringSystem
Upper	*
Upper Value	(*)
Visibility	Public

 validFor

Public «baseType» TimePeriod validFor

The period of time that the security vulnerability is active.

Constraints:

Properties:

Aggregation	None
Alias
Association
Association End
Class	SecurityVulnerabilityCategoryAssignment
Datatype
Default
Default Value
Is Composite	false
Is Derived	false
Is Derived Union	false
Is Leaf	false
Is Ordered	false
Is Read Only	false
Is Static	false
Is Unique	true
Keywords
Lower	1
Lower Value
Multiplicity	None (1)
Name	validFor
Name Expression
Namespace	SecurityVulnerabilityCategoryAssignment
Opposite
Owner	SecurityVulnerabilityCategoryAssignment
Owning Association
Owning Template Parameter
Qualified Name	SID Models::Enterprise Domain::Enterprise Risk ABE::Enterprise Security ABE::Security Vulnerability ABE::SecurityVulnerabilityCategoryAssignment::validFor
Stereotype
Template Parameter
Type	«baseType» TimePeriod
Upper	1
Upper Value
Visibility	Public