exposure
The condition of being unprotected, thereby allowing access to information or access to capabilities that an attacker can use to enter a system or network.
Senses
Sense 1
The condition of being unprotected, thereby allowing access to information or access to capabilities that an attacker can use to enter a system or network.
- NICCS (CISA) Cybersecurity VocabularyJan 06, 2026NICCS glossary export (CSV)https://niccs.cisa.gov/rest/vocab/export-csvNICCS is a CISA (DHS) program. Individual glossary entries include a "From" attribution (e.g., CNSSI 4009, NIST SPs, NICE Framework). Treat "From" values as upstream provenance and verify before quoting large portions of text.Source: NICCS (CISA) Cybersecurity Vocabulary (niccs.cisa.gov).
(I)
A type of threat action whereby sensitive data is directly released to an unauthorized entity. (See: unauthorized disclosure.)
Usage: This type of threat action includes the following subtypes:
-
"Deliberate Exposure": Intentional release of sensitive data to an unauthorized entity.
-
"Scavenging": Searching through data residue in a system to gain unauthorized knowledge of sensitive data.
-
"Human error": /exposure/ Human action or inaction that unintentionally results in an entity gaining unauthorized knowledge of sensitive data. (Compare: corruption, incapacitation.)
-
"Hardware or software error": /exposure/ System failure that unintentionally results in an entity gaining unauthorized
knowledge of sensitive data. (Compare: corruption, incapacitation.)
- IETF RFC 4949 (Internet Security Glossary)Jan 06, 2026RFC 4949 — Internet Security Glossary (Version 2)https://www.rfc-editor.org/rfc/rfc4949.txtRFC 4949 is published by the IETF Trust and marked as "Distribution of this memo is unlimited". Verify IETF Trust copyright/licensing terms for reuse.Source: IETF RFC 4949 (rfc-editor.org).