fleet/ee/vulnerability-dashboard/api/models/Vulnerability.js


/**
* Vulnerability.js
*
* @description :: A model definition represents a database table/collection.
* @docs :: https://sailsjs.com/docs/concepts/models-and-orm/models
*/
// Choose the database column type for the `cveDescription` attribute from the
// adapter this app is configured to use: `longtext` for `sails-mysql`, `text`
// for every other adapter (e.g. Postgres, per the attribute's own comment below).
// FUTURE: When this app is moved into the fleetdm/fleet repo, update this file to support only one type of database.
const cveDescriptionColumnType =
  sails.config.datastores.default.adapter === 'sails-mysql' ? 'longtext' : 'text';
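/**
 * Waterline model for a tracked vulnerability (one row per CVE the dashboard knows about).
 *
 * Fix: the `description` metadata of `probabilityOfExploit` and `severity` was a copy of the
 * `hasKnownExploit` text ("Whether a known exploit exists, according to CISA."), which does
 * not describe those attributes; each `extendedDescription` names the Fleet API field the
 * value comes from (`epss_probability`, `cvss_score`), so the descriptions now match that.
 */
module.exports = {

  attributes: {

    //  ╔═╗╦═╗╦╔╦╗╦╔╦╗╦╦  ╦╔═╗╔═╗
    //  ╠═╝╠╦╝║║║║║ ║ ║╚╗╔╝║╣ ╚═╗
    //  ╩  ╩╚═╩╩ ╩╩ ╩ ╩ ╚╝ ╚═╝╚═╝

    // The CVE identifier this record tracks.
    cveId: {
      example: 'CVE-2022-43253',
      type: 'string',
      // unique: true, // TODO: address
      // NOTE(review): until `unique` is enabled, nothing at the model level prevents two rows
      // for the same CVE, so callers that look records up by cveId should not assume a single match.
      required: true
    },

    // Link back to the software item in the Fleet UI that this vulnerability affects.
    fleetSoftwareItemUrl: {
      example: 'https://fleet.example.com/software/125820',
      type: 'string',
      isURL: true,
      required: true
    },

    // External reference for the CVE (the example points at the NVD entry).
    additionalDetailsUrl: {
      example: 'https://nvd.nist.gov/vuln/detail/CVE-2022-43253',
      type: 'string',
      isURL: true,
      required: true
    },

    // EPSS probability that this vulnerability will be exploited, as reported by the Fleet API.
    probabilityOfExploit: {
      example: 0.00885,
      description: 'The probability that this vulnerability will be exploited (its EPSS probability).',
      extendedDescription: 'This is called `epss_probability` in the Fleet API. If the Fleet server sends this value as null, this value will be set to 0.',
      type: 'number',
      required: true
    },

    // CVSS score for this vulnerability, as reported by the Fleet API.
    severity: {
      example: 6.5,
      description: 'The CVSS score of this vulnerability.',
      extendedDescription: 'This is called `cvss_score` in the Fleet API.',
      type: 'number',
      required: true
    },

    hasKnownExploit: {
      description: 'Whether a known exploit exists, according to CISA.',
      extendedDescription: 'This is called `cisa_known_exploit` in the Fleet API.',
      type: 'boolean',
      required: true
    },

    publishedAt: {
      example: 1670152500000,
      description: 'JS timestamp representing when this vulnerability was originally published; for example in the NVD (national vulnerability database).',
      type: 'number',
      isInteger: true,
      min: 1,// « Since CVEs were not published this far in the past (≈1970), we use this validation as a failsafe.
      required: true,
    },

    // Only records with `isPriority: true` have their patch progress shown on /dashboard.
    isPriority: {
      description: 'Whether or not this Vulnerability is being tracked as a priority CVE.',
      extendedDescription: 'Vulnerability records that have this value set to true will have their patch progress shown on the /dashboard page.',
      type: 'boolean',
      defaultsTo: false,
    },

    cveDescription: {
      description: 'The NVD description for this vulnerability.',
      type: 'string',
      columnType: cveDescriptionColumnType,// This will be automatically set to 'longtext' for MySQL, or 'text' for Postgres.
    },

    //  ╔═╗╔╦╗╔╗ ╔═╗╔╦╗╔═╗
    //  ║╣ ║║║╠╩╗║╣  ║║╚═╗
    //  ╚═╝╩ ╩╚═╝╚═╝═╩╝╚═╝

    //  ╔═╗╔═╗╔═╗╔═╗╔═╗╦╔═╗╔╦╗╦╔═╗╔╗╔╔═╗
    //  ╠═╣╚═╗╚═╗║ ║║  ║╠═╣ ║ ║║ ║║║║╚═╗
    //  ╩ ╩╚═╝╚═╝╚═╝╚═╝╩╩ ╩ ╩ ╩╚═╝╝╚╝╚═╝

    // One-to-many: every VulnerabilityInstall row pointing at this record via `vulnerability`.
    installs: { collection: 'VulnerabilityInstall', via: 'vulnerability', description: 'Everywhere this vulnerability has been installed, past and present.' },

    // Many-to-many to Host, joined through the VulnerabilityInstall table.
    hosts: { collection: 'Host', through: 'VulnerabilityInstall', via: 'vulnerability' },

  },

};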