glossary

What is a vulnerability?

Source-cited RoleMath page about What is a vulnerability?.

Build my personalized career plan

Researched by RoleMath Research. Every figure on this page traces to the official source shown next to it.

What is a vulnerability?

A vulnerability is a weakness in a system, its security procedures, internal controls, or implementation that could be exploited or triggered by a threat source to cause harm.

What it means

Per NIST, a vulnerability is an exploitable weakness in an information system or its controls. It is the gap that an attack targets — for example a missing patch, a misconfiguration, or weak access rules. Finding, ranking, and fixing vulnerabilities is central to security-analyst, vulnerability-management, and audit work.

Sources

  • National Institute of Standards and Technology — NIST CSRC Glossary: https://csrc.nist.gov/glossary

Citation Ledger

IDSupportsEvidenceSource
CIT-01Definition source for What is a vulnerability?Official source pageNational Institute of Standards and Technology — NIST CSRC Glossary

Ready to see how this fits your background?

RoleMath planner