Class: Nexpose::XML::VulnerabilitySummary

Inherits:
Vulnerability show all
Defined in:
lib/nexpose/vuln.rb

Overview

Summary of a vulnerability.

Direct Known Subclasses

VulnerabilityDetail

Instance Attribute Summary collapse

Attributes inherited from Vulnerability

#id, #severity, #title

Class Method Summary collapse

Methods inherited from Vulnerability

#initialize

Constructor Details

This class inherits a constructor from Nexpose::XML::Vulnerability

Instance Attribute Details

#addedObject

When this vulnerability was first included in the application.



153
154
155
# File 'lib/nexpose/vuln.rb', line 153

def added
  @added
end

#credentialsObject

A vulnerability is considered “credentialed” when all of its checks require credentials or if the check depends on previous authentication during a scan.



151
152
153
# File 'lib/nexpose/vuln.rb', line 151

def credentials
  @credentials
end

#cvss_scoreObject

The computation of the Common Vulnerability Scoring System indicating compliance with PCI standards on a scale from 0 to 10.0.



162
163
164
# File 'lib/nexpose/vuln.rb', line 162

def cvss_score
  @cvss_score
end

#cvss_vectorObject

How the vulnerability is exploited according to PCI standards.



159
160
161
# File 'lib/nexpose/vuln.rb', line 159

def cvss_vector
  @cvss_vector
end

#modifiedObject

The last date the vulnerability was modified.



155
156
157
# File 'lib/nexpose/vuln.rb', line 155

def modified
  @modified
end

#pci_severityObject

PCI severity value for the vulnerability on a scale of 1 to 5.



144
145
146
# File 'lib/nexpose/vuln.rb', line 144

def pci_severity
  @pci_severity
end

#publishedObject

The date when the information about the vulnerability was first released.



157
158
159
# File 'lib/nexpose/vuln.rb', line 157

def published
  @published
end

#safeObject

Whether all checks for the vulnerability are safe. Unsafe checks may cause denial of service or otherwise disrupt system performance.



147
148
149
# File 'lib/nexpose/vuln.rb', line 147

def safe
  @safe
end

Class Method Details

.parse(xml) ⇒ Object



182
183
184
# File 'lib/nexpose/vuln.rb', line 182

def self.parse(xml)
  parse_attributes(xml)
end

.parse_attributes(xml) ⇒ Object



164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
# File 'lib/nexpose/vuln.rb', line 164

def self.parse_attributes(xml)
  vuln = new(xml.attributes['id'],
             xml.attributes['title'],
             xml.attributes['severity'].to_i)

  vuln.pci_severity = xml.attributes['pciSeverity'].to_i
  vuln.safe         = xml.attributes['safe'] == 'true' # or xml.attributes['safe'] == '1'
  vuln.added        = Date.parse(xml.attributes['added'])
  vuln.modified     = Date.parse(xml.attributes['modified'])
  vuln.credentials  = xml.attributes['requiresCredentials'] == 'true'

  # These three fields are optional in the XSD.
  vuln.published    = Date.parse(xml.attributes['published']) if xml.attributes['published']
  vuln.cvss_vector  = xml.attributes['cvssVector'] if xml.attributes['cvssVector']
  vuln.cvss_score   = xml.attributes['cvssScore'].to_f if xml.attributes['cvssScore']
  vuln
end