Class Vuln
The Vuln class provides methods for defining and storing vulnerabilities detected on enterprise assets. It depends on several other classes, including the Asset class, the Scanner class, and the Scan class. In general, a vulnerability scanner will perform a scan of an enterprise asset checking all ports on that asset for known vulnerabilities. The entire result set of that scan will be placed in a file which is then processed by a Collector. The process followed is usually to construct a Scanner object which describes the vulnerability scanner, then a Scan object which describes the full scan that took place. Then, a Vuln object is created for each detected vulnerability, attached to the relevant Asset, and stored in the database. It is also possible for the vulnerability scanner to perform a 'partial' scan which means that only specific ports are scanned. In this case, the scan data will not replace the entire set of vulnerability information known for an assset, but only for those ports which were scanned. The class accepts a pre-defined set of vulnerability attributes:
- *VulnID {String} : The vulnerability ID assigned by the scanner to this type of vulnerability
- PortNum {String} : The port number that exposes this vulnerability
- Protocol {String} : The protocol used to access the target asset
- Name {String} : The short name for the vulnerability assigned by the vendor.
- Description {String} : A full-text description of the vulnerability
- Summary {String} : A summary of the vulnerability and associated information
- Severity {String} : A normalized severity rating for the vulnerability, use 0-5 with 5 the most severe.
- Class {String} : The class of the vulnerability
- Solution {String} : A solution to remediate the vulnerability
- HostOS {String} : The detected host OS of the asset which has this vulnerability
- HostOSVersion {String} : The detected host OS version of the asset which has this vulnerability
- HostApp {String} : The application (service, executable) which has this vulnerability
- HostAppVersion {String} : The detected application version
Defined in: vuln.js.
Constructor Attributes | Constructor Name and Description |
---|---|
Vuln(properties)
Constructs an instance of the Vuln class which represents a single vulnerability on a single asset.
|
Method Attributes | Method Name and Description |
---|---|
add2EI(name, val)
Adds the arguments to the Vulnerability ExtendedInformation field.
|
|
addRef(type, id)
Adds an external VulnRef to the vulnerability, such as a CVE, BID, MS, or RedHat reference.
|
|
find()
Finds the asset(s) in the Sentinel database.
|
Author: Novell Engineering.
var nextVuln = new Vuln({"VulnID": rec.input.col_ID, "Description": rec.input.col_MSG, "Name": rec.input.col_VULN }); myscan.attachVuln(nextVuln);
- Parameters:
- {Object} properties
- Set of pre-defined properties used to initialize this object
vuln.add2EI( "Risk Factor", rec.s_RXBufferString.substr(20,30);
- Parameters:
- {String} name
- The attribute name that will be set
- {String} val
- The value for that attribute
- Returns:
- {Boolean} A Boolean to indicate successful completion
vuln.addRef("CVE",rec.cveid);
- Parameters:
- {String} type
- One of 'CVE', 'BID', 'MS, or 'RHSA' to indicate the type of reference
- {String} id
- The vulnerability external reference ID
- Returns:
- {Asset[]} Matching assets.