Kurt Seifried
So I looked through the schema (top of https://cwe.mitre.org/about/documents.html) is there an actual schema definition for XML/JSON versions of this data? I have about 20 CWE's candidates to submit and I'd like to make some structured entries or at least well formatted entries, share them (e.g. in google drive) and let people comment/etc so we don't get crazy email threads. A quick look at some entries (can MITRE supply a list of the possible values, see the TODO entries?):

Description - 1 sentence

Extended Description - Details

Relationships - other CWEs/etc it is related to

Modes of introduction:

Phase: TODO: find list of phases

Applicable Platforms:




TODO: find list of platforms

Common Consequences:

Scope and Impact

Todo: find a list of scopes and impacts

Likelihood Of Exploit:

High (other values?)

Demonstrative Examples:

Example 1, etc.

Potential Mitigations:

Phases: TODO get full list of Phases

Phase: Architecture and Design

Phase: Implementation; Architecture and Design

Phases: Architecture and Design; Implementation

Phase: Operation

Phases: Operation; Implementation


Nature / Type / ID / Name


TODO: list of all notes

Applicable Platform


Kurt Seifried
[hidden email]