Class: Nexpose::XML::VulnerabilitySummary

Inherits:
Vulnerability show all
Defined in:
lib/nexpose/vuln.rb

Overview

Summary of a vulnerability.

Direct Known Subclasses

VulnerabilityDetail

Instance Attribute Summary collapse

Attributes inherited from Vulnerability

#id, #severity, #title

Class Method Summary collapse

Methods inherited from Vulnerability

#initialize

Constructor Details

This class inherits a constructor from Nexpose::XML::Vulnerability

Instance Attribute Details

#addedObject

When this vulnerability was first included in the application.



151
152
153
# File 'lib/nexpose/vuln.rb', line 151

def added
  @added
end

#credentialsObject

A vulnerability is considered “credentialed” when all of its checks require credentials or if the check depends on previous authentication during a scan.



149
150
151
# File 'lib/nexpose/vuln.rb', line 149

def credentials
  @credentials
end

#cvss_scoreObject

The computation of the Common Vulnerability Scoring System indicating compliance with PCI standards on a scale from 0 to 10.0.



160
161
162
# File 'lib/nexpose/vuln.rb', line 160

def cvss_score
  @cvss_score
end

#cvss_vectorObject

How the vulnerability is exploited according to PCI standards.



157
158
159
# File 'lib/nexpose/vuln.rb', line 157

def cvss_vector
  @cvss_vector
end

#modifiedObject

The last date the vulnerability was modified.



153
154
155
# File 'lib/nexpose/vuln.rb', line 153

def modified
  @modified
end

#pci_severityObject

PCI severity value for the vulnerability on a scale of 1 to 5.



142
143
144
# File 'lib/nexpose/vuln.rb', line 142

def pci_severity
  @pci_severity
end

#publishedObject

The date when the information about the vulnerability was first released.



155
156
157
# File 'lib/nexpose/vuln.rb', line 155

def published
  @published
end

#safeObject

Whether all checks for the vulnerability are safe. Unsafe checks may cause denial of service or otherwise disrupt system performance.



145
146
147
# File 'lib/nexpose/vuln.rb', line 145

def safe
  @safe
end

Class Method Details

.parse(xml) ⇒ Object



180
181
182
# File 'lib/nexpose/vuln.rb', line 180

def self.parse(xml)
  parse_attributes(xml)
end

.parse_attributes(xml) ⇒ Object



162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
# File 'lib/nexpose/vuln.rb', line 162

def self.parse_attributes(xml)
  vuln = new(xml.attributes['id'],
             xml.attributes['title'],
             xml.attributes['severity'].to_i)

  vuln.pci_severity = xml.attributes['pciSeverity'].to_i
  vuln.safe = xml.attributes['safe'] == 'true'  # or xml.attributes['safe'] == '1'
  vuln.added = Date.parse(xml.attributes['added'])
  vuln.modified = Date.parse(xml.attributes['modified'])
  vuln.credentials = xml.attributes['requiresCredentials'] == 'true'

  # These three fields are optional in the XSD.
  vuln.published = Date.parse(xml.attributes['published']) if xml.attributes['published']
  vuln.cvss_vector = xml.attributes['cvssVector'] if xml.attributes['cvssVector']
  vuln.cvss_score = xml.attributes['cvssScore'].to_f if xml.attributes['cvssScore']
  vuln
end