From cc1c0214befc0e2ccfb98c8f4306ec116f65fd34 Mon Sep 17 00:00:00 2001 From: ccoffin Date: Tue, 22 Oct 2024 15:27:50 -0500 Subject: [PATCH] Update cnaContainer-advanced-example.json Updated to include cpeApplicability example data --- .../docs/cnaContainer-advanced-example.json | 51 +++++++++++++++++-- 1 file changed, 47 insertions(+), 4 deletions(-) diff --git a/schema/docs/cnaContainer-advanced-example.json b/schema/docs/cnaContainer-advanced-example.json index e0236ca75d..bbafe4b2fb 100644 --- a/schema/docs/cnaContainer-advanced-example.json +++ b/schema/docs/cnaContainer-advanced-example.json @@ -84,26 +84,69 @@ "defaultStatus": "unaffected" } ], + "cpeApplicability": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:example_org:example_enterprise:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.0.0", + "versionEndExcluding": "1.0.6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:example_org:example_enterprise:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.1.6", + "versionEndExcluding": "2.1.9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:some_company:xt-4500:*:*:*:*:*:*:*:*" + } + ] + } + ] + } + ], "descriptions": [ { "lang": "en", - "value": "OS Command Injection vulnerability parseFilename function of example.php in the Web Management Interface of Example.org Example Enterprise on Windows, macOS, and XT-4500 allows remote unauthenticated attackers to escalate privileges. This issue affects: 1.0 versions before 1.0.6, 2.1 versions from 2.16 until 2.1.9.", + "value": "OS Command Injection vulnerability parseFilename function of example.php in the Web Management Interface of Example.org Example Enterprise on Windows, macOS, and XT-4500 allows remote unauthenticated attackers to escalate privileges. This issue affects: 1.0 versions before 1.0.6, 2.1 versions from 2.1.6 until 2.1.9.", "supportingMedia": [ { "type": "text/html", "base64": false, - "value": "OS Command Injection vulnerability parseFilename function of example.php in the Web Management Interface of Example.org Example Enterprise on Windows, macOS, and XT-4500 allows remote unauthenticated attackers to escalate privileges.

This issue affects:
" + "value": "OS Command Injection vulnerability parseFilename function of example.php in the Web Management Interface of Example.org Example Enterprise on Windows, macOS, and XT-4500 allows remote unauthenticated attackers to escalate privileges.

This issue affects:
" } ] }, { "lang": "eo", - "value": "OS-komand-injekta vundebleco parseFilename funkcio de example.php en la Web Administrado-Interfaco de Example.org Example Enterprise \u0109e Windows, macOS kaj XT-4500 permesas al malproksimaj nea\u016dtentikigitaj atakantoj eskaladi privilegiojn. \u0108i tiu afero efikas: 1.0-versioj anta\u016d 1.0.6, 2.1-versioj de 2.16 \u011dis 2.1.9.", + "value": "OS-komand-injekta vundebleco parseFilename funkcio de example.php en la Web Administrado-Interfaco de Example.org Example Enterprise \u0109e Windows, macOS kaj XT-4500 permesas al malproksimaj nea\u016dtentikigitaj atakantoj eskaladi privilegiojn. \u0108i tiu afero efikas: 1.0-versioj anta\u016d 1.0.6, 2.1-versioj de 2.1.6 \u011dis 2.1.9.", "supportingMedia": [ { "type": "text/html", "base64": false, - "value": "OS-komand-injekta vundebleco parseFilename funkcio de example.php en la Web Administrado-Interfaco de Example.org Example Enterprise \u0109e Windows, macOS kaj XT-4500 permesas al malproksimaj nea\u016dtentikigitaj atakantoj eskaladi privilegiojn.

\u0108i tiu afero efikas:
" + "value": "OS-komand-injekta vundebleco parseFilename funkcio de example.php en la Web Administrado-Interfaco de Example.org Example Enterprise \u0109e Windows, macOS kaj XT-4500 permesas al malproksimaj nea\u016dtentikigitaj atakantoj eskaladi privilegiojn.

\u0108i tiu afero efikas:
" } ] }