Vulnerability

A vulnerability is a specific weakness in a system, application, or configuration that could be exploited by a threat actor to cause harm. Vulnerabilities are typically identified as Common Vulnerabilities and Exposures (CVEs) and scored for severity using the Common Vulnerability Scoring System (CVSS). The presence of a vulnerability does not automatically constitute risk; risk is the product of vulnerability, threat likelihood, and potential impact.