Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 21:47:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 91
fleet/cmd/cpe/testdata/test1.json

118 lines
3.1 KiB
JSON
Raw Normal View History

Updating CPE generator to use new NVD API. (#15018) Loom explaining changes (hit 5 min limit): https://www.loom.com/share/e59b63bf638e4d9cad7984ef589b878d?sid=111fff75-115a-4a44-ae4f-6f25fede0d51 #14887 - [x] Need to merge fleetdm/nvd PR https://github.com/fleetdm/nvd/pull/25 before this one. # Checklist for submitter - [x] Added/updated tests - [x] Manual QA for all new/changed functionality - Manually tested (with corresponding fleetdm/fleet changes) in my personal fork: https://github.com/getvictor/nvd/releases # QA Plan (must be done before merging this PR, and after merging the nvd PR) - [ ] Fork https://github.com/fleetdm/nvd and point `generate.yml` to this branch. [example](https://github.com/getvictor/nvd/blob/9d8e54930bc174b00cc2daa70f55cabf0f9dba6e/.github/workflows/generate.yml#L26) - [ ] Add NVD_API_KEY to nvd secrets, and run the the nvd generate GitHub action. Get key: https://nvd.nist.gov/developers/request-an-api-key - [ ] Compare the generated `cpe-###.sqlite.gz` to the previous one. One way is to open it up with sqlite3 and `select * from cpe_2 order by cpe23;` and dump results to a CSV file. Known differences are: - New file has ~2,500 more records - Backslashes are handled differently for `Backpack\CRUD` and `Philips In.Sight B120\37` products -- not a new issue since we do not support those products right now - `cpe:2.3:a:moodle:moodle:4.2.0:*:*:*:*:*:*:*` -- this appears OK. Also, it is a PHP plugin, and we don't support these currently. - [ ] Record the existing vulnerabilities of current hosts. - [ ] Stop any running fleet server. Delete `/tmp/vulndbs/cpe.sqlite`. Can also delete other files there, or not delete this file -- it should be overwritten by the new file. Also delete all rows in software_cpe and software_cve DB tables. (Or can just spin up a fresh fleet server with fresh DB, and re-enroll hosts (after setting the new env variable below)) - [ ] Find the path to the generated `cpe-###.sqlite.gz` file - [ ] Set `FLEET_VULNERABILITIES_CPE_DATABASE_URL` environment variable to the above path, and start fleet server. - [ ] After server's vulnerabilities cron job runs, the new vulnerabilities should match the previous vulnerabilities
2023-11-20 22:10:00 +00:00
{
"resultsPerPage": 6,
"startIndex": 0,
"totalResults": 6,
"format": "NVD_CPE",
"version": "2.0",
"timestamp": "2023-11-07T20:02:39.860",
"products": [
{
"cpe": {
"deprecated": false,
"cpeName": "cpe:2.3:a:hp:radia_notify_daemon:-:*:*:*:*:*:*:*",
"cpeNameId": "9E1C1A60-AFDF-4F21-94D9-078EDA0DECEC",
"lastModified": "2007-09-14T17:36:49.090",
"created": "2007-08-23T21:05:57.937",
"titles": [
{
"title": "HP Radia Notify Daemon",
"lang": "en"
}
]
}
},
{
"cpe": {
"deprecated": false,
"cpeName": "cpe:2.3:a:hp:sanworks:-:*:*:*:*:*:*:*",
"cpeNameId": "6C7DD0D6-4DB8-4AE7-BF44-11A40253543E",
"lastModified": "2008-04-15T22:37:41.817",
"created": "2007-08-23T21:05:57.937",
"titles": [
{
"title": "HP SANworks",
"lang": "en"
}
]
}
},
{
"cpe": {
"deprecated": false,
"cpeName": "cpe:2.3:a:hp:scanjet_utilities:-:*:*:*:*:*:*:*",
"cpeNameId": "87E045F2-D88B-48C4-A26A-BB43AF4186BE",
"lastModified": "2008-04-15T22:37:41.910",
"created": "2007-08-23T21:05:57.937",
"titles": [
{
"title": "HP Scanjet Utilities",
"lang": "en"
}
]
}
},
{
"cpe": {
"deprecated": false,
"cpeName": "cpe:2.3:a:hp:secure_web_console:-:*:*:*:*:*:*:*",
"cpeNameId": "01F51BEC-78C7-4910-8328-77B8D69ED767",
"lastModified": "2007-09-14T17:36:49.090",
"created": "2007-08-23T21:05:57.937",
"titles": [
{
"title": "HP Secure Web Console",
"lang": "en"
}
]
}
},
{
"cpe": {
"deprecated": false,
"cpeName": "cpe:2.3:a:hp:sendmail:-:*:*:*:*:*:*:*",
"cpeNameId": "F2CAC9D2-0F87-433C-9D9E-9C99D347D56A",
"lastModified": "2007-09-14T17:36:49.090",
"created": "2007-08-23T21:05:57.937",
"titles": [
{
"title": "HP sendmail",
"lang": "en"
}
]
}
},
{
"cpe": {
"deprecated": true,
"cpeName": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"cpeNameId": "DF3171C4-00E8-4B0F-97EB-2F3EC3394A87",
"lastModified": "2021-06-01T14:14:47.707",
"created": "2007-08-23T21:16:59.567",
"titles": [
{
"title": "Linux Kernel 2.6.2",
"lang": "en"
}
],
"refs": [
{
"ref": "https://github.com/torvalds/linux",
"type": "Version"
}
],
"deprecatedBy": [
{
"cpeName": "cpe:2.3:o:linux:linux_kernel:2.6.2:-:*:*:*:*:*:*",
"cpeNameId": "1B4C49FC-8606-45D7-94D1-19C5626D69C7"
}
],
"deprecates": [
{
"cpeName": "cpe:2.3:o:linux:kernel:2.6.2:*:*:*:*:*:*:*",
"cpeNameId": "B548E49E-BC95-4804-A2C2-D7ACC7F72095"
}
]
}
}
]
}
Reference in a new issue Copy permalink