Class: Nexpose::VulnerabilityDefinition

Inherits:
APIObject
  • Object
show all
Defined in:
lib/nexpose/vuln_def.rb

Overview

Vulnerability definition object. Represents a known vulnerability on a given Nexpose console.

Instance Attribute Summary collapse

Class Method Summary collapse

Methods inherited from APIObject

#object_from_hash

Instance Attribute Details

#cvesObject (readonly)

The CVEs for the vulnerability.



84
85
86
 
# File 'lib/nexpose/vuln_def.rb', line 84

def cves
  @cves
end

#cvss_exploit_scoreObject (readonly)

Base score for the exploitability of a vulnerability that is used to compute the overall CVSS score.



109
110
111
 
# File 'lib/nexpose/vuln_def.rb', line 109

def cvss_exploit_score
  @cvss_exploit_score
end

#cvss_impact_scoreObject (readonly)

Base score for the impact of a vulnerability that is used to compute the overall CVSS score.



112
113
114
 
# File 'lib/nexpose/vuln_def.rb', line 112

def cvss_impact_score
  @cvss_impact_score
end

#cvss_scoreObject (readonly)

CVSS score of the vulnerability. Value between 0.0 and 10.0.



104
105
106
 
# File 'lib/nexpose/vuln_def.rb', line 104

def cvss_score
  @cvss_score
end

#cvss_vectorObject (readonly)

Full CVSS vector in CVSS Version 2.0 notation.



106
107
108
 
# File 'lib/nexpose/vuln_def.rb', line 106

def cvss_vector
  @cvss_vector
end

#date_addedObject (readonly)

Date the vulnerability was first checked by Nexpose.



89
90
91
 
# File 'lib/nexpose/vuln_def.rb', line 89

def date_added
  @date_added
end

#date_publishedObject (readonly)

Date the vulnerability was publicized by the third-party, vendor, or another authoring source.



87
88
89
 
# File 'lib/nexpose/vuln_def.rb', line 87

def date_published
  @date_published
end

#denial_of_serviceObject (readonly)

Whether the vulnerability is classified as a denial-of-service vuln.



115
116
117
 
# File 'lib/nexpose/vuln_def.rb', line 115

def denial_of_service
  @denial_of_service
end

#descriptionObject (readonly)

Vulnerability description, usually formated in HTML.



82
83
84
 
# File 'lib/nexpose/vuln_def.rb', line 82

def description
  @description
end

#idObject (readonly)

Unique identifier of a vulnerability definition.



78
79
80
 
# File 'lib/nexpose/vuln_def.rb', line 78

def id
  @id
end

#pci_severity_scoreObject (readonly)

PCI severity score of the vulnerability, measured on a scale of 1 to 5.



101
102
103
 
# File 'lib/nexpose/vuln_def.rb', line 101

def pci_severity_score
  @pci_severity_score
end

#pci_statusObject (readonly)

Whether the presence of the vulnerability can cause PCI failure. One of: Pass, Fail.



99
100
101
 
# File 'lib/nexpose/vuln_def.rb', line 99

def pci_status
  @pci_status
end

#riskscoreObject (readonly)

Risk score associated with vulnerability.



95
96
97
 
# File 'lib/nexpose/vuln_def.rb', line 95

def riskscore
  @riskscore
end

#severityObject (readonly)

Severity category. One of: Critical, Severe, Moderate.



91
92
93
 
# File 'lib/nexpose/vuln_def.rb', line 91

def severity
  @severity
end

#severity_scoreObject (readonly)

Severity score, in the range of 0.0 to 10.0.



93
94
95
 
# File 'lib/nexpose/vuln_def.rb', line 93

def severity_score
  @severity_score
end

#titleObject (readonly)

Vulnerability title.



80
81
82
 
# File 'lib/nexpose/vuln_def.rb', line 80

def title
  @title
end

Class Method Details

.load(nsc, id) ⇒ VulnerabilityDefinition

Load a vulnerability definition from the provided console.

Parameters:

  • nsc (Connection)

    Active connection to a Nexpose console.

  • id (String)

    Unique identifier of a vulnerability definition.

Returns:



123
124
125
126
127
128
 
# File 'lib/nexpose/vuln_def.rb', line 123

def self.load(nsc, id)
  uri  = "/api/2.0/vulnerability_definitions/#{id}"
  resp = AJAX.get(nsc, uri, AJAX::CONTENT_TYPE::JSON)
  hash = JSON.parse(resp, symbolize_names: true)
  new.object_from_hash(nsc, hash)
end