Users should be able to provide multiple entity roles to an action #96
Assignees
Labels
enhancement
New feature or request
Object/Relationship Adjustment
The issue is related to adding or modifying Objects and/or their Relationships in the data model
Milestone
Comments
Chris-Turner-NIST
added
the
Object/Relationship Adjustment
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Entity Role was created to support the concept of "Scope" within CVSS. CVSS has evolved a few times since this was originally added making multiple nuanced concepts that may or may not apply. We should allow a user to apply any of those possible values, but maintain that each group of types should remain mutually exclusive from their pairs.
Example:
User should be able to associate "Component:Vulnerable" and "Security Authority:Primary" to the same Action.
User should not be able to associate "Security Authority:Primary" and "Security Authority:Secondary" to the same Action.
The text was updated successfully, but these errors were encountered: