mirror of
https://github.com/empayre/fleet.git
synced 2024-11-06 08:55:24 +00:00
eada583ff1
Loom explaining changes (hit 5 min limit):
https://www.loom.com/share/e59b63bf638e4d9cad7984ef589b878d?sid=111fff75-115a-4a44-ae4f-6f25fede0d51
#14887
- [x] Need to merge fleetdm/nvd PR
https://github.com/fleetdm/nvd/pull/25 before this one.
# Checklist for submitter
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
- Manually tested (with corresponding fleetdm/fleet changes) in my
personal fork: https://github.com/getvictor/nvd/releases
# QA Plan (must be done before merging this PR, and after merging the
nvd PR)
- [ ] Fork https://github.com/fleetdm/nvd and point `generate.yml` to
this branch.
[example](9d8e54930b/.github/workflows/generate.yml (L26))
- [ ] Add NVD_API_KEY to nvd secrets, and run the the nvd generate
GitHub action. Get key:
https://nvd.nist.gov/developers/request-an-api-key
- [ ] Compare the generated `cpe-###.sqlite.gz` to the previous one. One
way is to open it up with sqlite3 and `select * from cpe_2 order by
cpe23;` and dump results to a CSV file. Known differences are:
- New file has ~2,500 more records
- Backslashes are handled differently for `Backpack\CRUD` and `Philips
In.Sight B120\37` products -- not a new issue since we do not support
those products right now
- `cpe:2.3🅰️moodle:moodle:4.2.0:*:*:*:*:*:*:*` -- this appears OK.
Also, it is a PHP plugin, and we don't support these currently.
- [ ] Record the existing vulnerabilities of current hosts.
- [ ] Stop any running fleet server. Delete `/tmp/vulndbs/cpe.sqlite`.
Can also delete other files there, or not delete this file -- it should
be overwritten by the new file. Also delete all rows in software_cpe and
software_cve DB tables. (Or can just spin up a fresh fleet server with
fresh DB, and re-enroll hosts (after setting the new env variable
below))
- [ ] Find the path to the generated `cpe-###.sqlite.gz` file
- [ ] Set `FLEET_VULNERABILITIES_CPE_DATABASE_URL` environment variable
to the above path, and start fleet server.
- [ ] After server's vulnerabilities cron job runs, the new
vulnerabilities should match the previous vulnerabilities
60 lines
1.6 KiB
JSON
60 lines
1.6 KiB
JSON
{
|
|
"resultsPerPage": 2,
|
|
"startIndex": 1110000,
|
|
"totalResults": 2,
|
|
"format": "NVD_CPE",
|
|
"version": "2.0",
|
|
"timestamp": "2023-11-07T21:11:14.883",
|
|
"products": [
|
|
{
|
|
"cpe": {
|
|
"deprecated": false,
|
|
"cpeName": "cpe:2.3:a:denkgroot:spina:2.3.5:*:*:*:*:*:*:*",
|
|
"cpeNameId": "6F467674-732A-4EAB-9728-C3D5CE9950A9",
|
|
"lastModified": "2023-07-05T16:44:44.687",
|
|
"created": "2023-07-05T13:53:03.087",
|
|
"titles": [
|
|
{
|
|
"title": "Denkgroot Spina 2.3.5",
|
|
"lang": "en"
|
|
}
|
|
],
|
|
"refs": [
|
|
{
|
|
"ref": "https:\/\/huntr.dev\/bounties\/18a74a9d-4a2d-4bf8-ae62-56a909427070\/",
|
|
"type": "Advisory"
|
|
},
|
|
{
|
|
"ref": "https:\/\/github.com\/SpinaCMS\/Spina\/releases",
|
|
"type": "Change Log"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"cpe": {
|
|
"deprecated": false,
|
|
"cpeName": "cpe:2.3:a:denkgroot:spina:2.3.4:*:*:*:*:*:*:*",
|
|
"cpeNameId": "048B1A11-455D-4EB5-8198-29FD8DBDEC4D",
|
|
"lastModified": "2023-07-05T16:44:44.687",
|
|
"created": "2023-07-05T13:53:03.087",
|
|
"titles": [
|
|
{
|
|
"title": "Denkgroot Spina 2.3.4",
|
|
"lang": "en"
|
|
}
|
|
],
|
|
"refs": [
|
|
{
|
|
"ref": "https:\/\/huntr.dev\/bounties\/18a74a9d-4a2d-4bf8-ae62-56a909427070\/",
|
|
"type": "Advisory"
|
|
},
|
|
{
|
|
"ref": "https:\/\/github.com\/SpinaCMS\/Spina\/releases",
|
|
"type": "Change Log"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
} |