Vulnerability (Information Security)

Vulnerability is the weakest link of an asset or a group of assets that can be exploited by one or more imminent dangers (developer's mistake, wrong installation). In most cases vulnerability is due to the fact that an asset is not sufficiently protected, rather than to the asset itself.

Vulnerability in itself is not harmful to the organization. Only when an imminent danger can accidentally use the vulnerability and possible special circumstances, a damaging incident can occur.