Vulnerability Assessment Report

Detects vulnerability assessment reports containing CVE details and unpatched system findings.

Type

keyword_list

Confidence

medium

Confidence justification

Medium confidence: keyword-based detection requires corroborative evidence for accurate identification.

Jurisdictions

au

Regulations

Criminal Code Act 1995 (Cth), SOCI Act 2018 (Cth)

Frameworks

CIS Controls, ISO 27001, NIST CSF, PCI-DSS

Data categories

security

Scope

narrow

Risk rating

9

Should match

• Vulnerability assessment report: CVE-2025-1234 with CVSS score 9.8 critical — Test match 1
• Vulnerability scan findings: unpatched systems and remediation priority list — Test match 2
• Vulnerability management: critical vulnerability finding with patch status review — Test match 3

Should not match

• Emotional vulnerability in relationships — Non-match 1
• Vulnerability of the coastline to erosion — Non-match 2

Known false positives

• Non-technical use of vulnerability. Mitigation: Require CVE, CVSS, or vulnerability scan specific terms.