Class: AddVulnDetails

Inherits:
ActiveRecord::Migration
  • Object
show all
Defined in:
db/migrate/20120625000000_add_vuln_details.rb

Class Method Summary collapse

Class Method Details

.downObject 



31
32
33
 
# File 'db/migrate/20120625000000_add_vuln_details.rb', line 31

def self.down
  drop_table :vuln_details
end

.upObject 



3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
 
# File 'db/migrate/20120625000000_add_vuln_details.rb', line 3

def self.up
  create_table :vuln_details do |t|
    t.integer   :vuln_id     # Vuln table reference
    t.float   :cvss_score  # 0.0 to 10.0
    t.string  :cvss_vector # Ex: (AV:N/AC:L/Au:N/C:C/I:C/A:C)(AV:N/AC:L/Au:N/C:C/I:C/A:C)

    t.string  :title       # Short identifier
    t.text    :description # Plain text or HTML (trusted)
    t.text    :solution    # Plain text or HTML (trusted)
    t.binary  :proof       # Should be UTF-8, but may not be, sanitize on output
                       # Technically this duplicates vuln.info, but that field
                       # is poorly managed / handled today. Eventually we will
                       # replace vuln.info

    # Nexpose-specific fields
    t.integer :nx_console_id   # NexposeConsole table reference
    t.integer :nx_device_id    # Reference from the Nexpose side
    t.string  :nx_vuln_id      # 'jre-java-update-flaw'
    t.float   :nx_severity     # 0-10
    t.float   :nx_pci_severity # 0-10
    t.timestamp :nx_published    # Normalized from "20081205T000000000"
    t.timestamp :nx_added        # Normalized from "20081205T000000000"
    t.timestamp :nx_modified     # Normalized from "20081205T000000000"
    t.text    :nx_tags         # Comma separated

  end
end