The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability. Synonymous with Threat Agent.
Sources:
FIPS 200
under THREAT SOURCE
NIST SP 1800-21B
under Threat Sources
NIST SP 800-128
under Threat Source
from
FIPS 200
NIST SP 800-128
from
FIPS 200
NIST SP 800-137
under Threat Source
from
FIPS 200
The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability.
Sources:
CNSSI 4009-2015
from
FIPS 200
NIST SP 800-30 Rev. 1
under Threat Source
from
CNSSI 4009
NIST SP 800-39
under Threat Source
from
CNSSI 4009
NIST SP 800-82r3
from
FIPS 200
NISTIR 7622
under Threat Source
from
CNSSI 4009
Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, or modification of information, and/or denial of service.
Sources:
NIST SP 800-160 Vol. 2 Rev. 1
from
CNSSI 4009-2015
The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability. See threat agent.
Sources:
NIST SP 800-37 Rev. 2
from
FIPS 200
NIST SP 800-53 Rev. 5
from
FIPS 200
NIST SP 800-53A Rev. 5
from
FIPS 200
The intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability.
Sources:
NIST SP 800-161r1-upd1
[11/1/2024 errata update]
from
NIST SP 800-53 Rev. 5
A malicious person with harmful intent or an unintended or unavoidable situation (such as a natural disaster, technical failure, or human error) that may trigger a vulnerability.
Sources:
NISTIR 8286
under Threat Source