cve_schema 0.1.0

data/spec/fixtures/CVE-2020-2050.json

@@ -0,0 +1,233 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "psirt@paloaltonetworks.com",
+        "DATE_PUBLIC": "2020-11-11T17:00:00.000Z",
+        "ID": "CVE-2020-2050",
+        "STATE": "PUBLIC",
+        "TITLE": "PAN-OS: Authentication bypass vulnerability in GlobalProtect SSL VPN client certificate verification"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "PAN-OS",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_name": "8.1",
+                                            "version_value": "8.1.17"
+                                        },
+                                        {
+                                            "version_affected": "<",
+                                            "version_name": "9.0",
+                                            "version_value": "9.0.11"
+                                        },
+                                        {
+                                            "version_affected": "<",
+                                            "version_name": "9.1",
+                                            "version_value": "9.1.5"
+                                        },
+                                        {
+                                            "version_affected": "<",
+                                            "version_name": "10.0",
+                                            "version_value": "10.0.1"
+                                        },
+                                        {
+                                            "version_affected": "!>=",
+                                            "version_name": "8.1",
+                                            "version_value": "8.1.17"
+                                        },
+                                        {
+                                            "version_affected": "!>=",
+                                            "version_name": "9.0",
+                                            "version_value": "9.0.11"
+                                        },
+                                        {
+                                            "version_affected": "!>=",
+                                            "version_name": "9.1",
+                                            "version_value": "9.1.5"
+                                        },
+                                        {
+                                            "version_affected": "!>=",
+                                            "version_name": "10.0",
+                                            "version_value": "10.0.1"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "Palo Alto Networks"
+                }
+            ]
+        }
+    },
+    "configuration": [
+        {
+            "lang": "eng",
+            "value": "This issue is only applicable to PAN-OS appliances using the GlobalProtect SSL VPN gateway or portal configured to allow users to authenticate with client certificate authentication.\n\nThis issue can not be exploited if client certificate authentication is not in use.\n\nOther forms of authentication are not impacted by this issue.\n"
+        }
+    ],
+    "credit": [
+        {
+            "lang": "eng",
+            "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
+        }
+    ],
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an invalid certificate. A remote attacker can successfully authenticate as any user and gain access to restricted VPN network resources when the gateway or portal is configured to rely entirely on certificate-based authentication. Impacted features that use SSL VPN with client certificate verification are: GlobalProtect Gateway, GlobalProtect Portal, GlobalProtect Clientless VPN In configurations where client certificate verification is used in conjunction with other authentication methods, the protections added by the certificate check are ignored as a result of this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.17; PAN-OS 9.0 versions earlier than PAN-OS 9.0.11; PAN-OS 9.1 versions earlier than PAN-OS 9.1.5; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
+            }
+        ]
+    },
+    "exploit": [
+        {
+            "lang": "eng",
+            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
+        }
+    ],
+    "generator": {
+        "engine": "Vulnogram 0.0.9"
+    },
+    "impact": {
+        "cvss": {
+            "attackComplexity": "LOW",
+            "attackVector": "NETWORK",
+            "availabilityImpact": "NONE",
+            "baseScore": 8.2,
+            "baseSeverity": "HIGH",
+            "confidentialityImpact": "HIGH",
+            "integrityImpact": "LOW",
+            "privilegesRequired": "NONE",
+            "scope": "UNCHANGED",
+            "userInteraction": "NONE",
+            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
+            "version": "3.1"
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-285 Improper Authorization"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "MISC",
+                "url": "https://security.paloaltonetworks.com/CVE-2020-2050",
+                "name": "https://security.paloaltonetworks.com/CVE-2020-2050"
+            }
+        ]
+    },
+    "solution": [
+        {
+            "lang": "eng",
+            "value": "This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, PAN-OS 10.0.1, and all later PAN-OS versions."
+        }
+    ],
+    "source": {
+        "defect": [
+            "PAN-146650"
+        ],
+        "discovery": "INTERNAL"
+    },
+    "timeline": [
+        {
+            "lang": "eng",
+            "time": "2020-11-11T17:00:00.000Z",
+            "value": "Initial publication"
+        }
+    ],
+    "work_around": [
+        {
+            "lang": "eng",
+            "value": "This issue can be mitigated by configuring GlobalProtect SSL VPN to require gateway and portal users to authenticate with their credentials. Other authentication methods are not impacted by this issue."
+        }
+    ],
+    "x_advisoryEoL": false,
+    "x_affectedList": [
+        "PAN-OS 10.0.0",
+        "PAN-OS 10.0",
+        "PAN-OS 9.1.4",
+        "PAN-OS 9.1.3-h1",
+        "PAN-OS 9.1.3",
+        "PAN-OS 9.1.2-h1",
+        "PAN-OS 9.1.2",
+        "PAN-OS 9.1.1",
+        "PAN-OS 9.1.0-h3",
+        "PAN-OS 9.1.0-h2",
+        "PAN-OS 9.1.0-h1",
+        "PAN-OS 9.1.0",
+        "PAN-OS 9.1",
+        "PAN-OS 9.0.10",
+        "PAN-OS 9.0.9-h1",
+        "PAN-OS 9.0.9",
+        "PAN-OS 9.0.8",
+        "PAN-OS 9.0.7",
+        "PAN-OS 9.0.6",
+        "PAN-OS 9.0.5",
+        "PAN-OS 9.0.4",
+        "PAN-OS 9.0.3-h3",
+        "PAN-OS 9.0.3-h2",
+        "PAN-OS 9.0.3-h1",
+        "PAN-OS 9.0.3",
+        "PAN-OS 9.0.2-h4",
+        "PAN-OS 9.0.2-h3",
+        "PAN-OS 9.0.2-h2",
+        "PAN-OS 9.0.2-h1",
+        "PAN-OS 9.0.2",
+        "PAN-OS 9.0.1",
+        "PAN-OS 9.0.0",
+        "PAN-OS 9.0",
+        "PAN-OS 8.1.16",
+        "PAN-OS 8.1.15-h3",
+        "PAN-OS 8.1.15-h2",
+        "PAN-OS 8.1.15-h1",
+        "PAN-OS 8.1.15",
+        "PAN-OS 8.1.14-h2",
+        "PAN-OS 8.1.14-h1",
+        "PAN-OS 8.1.14",
+        "PAN-OS 8.1.13",
+        "PAN-OS 8.1.12",
+        "PAN-OS 8.1.11",
+        "PAN-OS 8.1.10",
+        "PAN-OS 8.1.9-h4",
+        "PAN-OS 8.1.9-h3",
+        "PAN-OS 8.1.9-h2",
+        "PAN-OS 8.1.9-h1",
+        "PAN-OS 8.1.9",
+        "PAN-OS 8.1.8-h5",
+        "PAN-OS 8.1.8-h4",
+        "PAN-OS 8.1.8-h3",
+        "PAN-OS 8.1.8-h2",
+        "PAN-OS 8.1.8-h1",
+        "PAN-OS 8.1.8",
+        "PAN-OS 8.1.7",
+        "PAN-OS 8.1.6-h2",
+        "PAN-OS 8.1.6-h1",
+        "PAN-OS 8.1.6",
+        "PAN-OS 8.1.5",
+        "PAN-OS 8.1.4",
+        "PAN-OS 8.1.3",
+        "PAN-OS 8.1.2",
+        "PAN-OS 8.1.1",
+        "PAN-OS 8.1.0",
+        "PAN-OS 8.1"
+    ]
+}

data/spec/fixtures/CVE-2020-4700.json

@@ -0,0 +1,99 @@
+{
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://www.ibm.com/support/pages/node/6367979",
+                "title": "IBM Security Bulletin 6367979 (Sterling B2B Integrator)",
+                "refsource": "CONFIRM",
+                "name": "https://www.ibm.com/support/pages/node/6367979"
+            },
+            {
+                "name": "ibm-sterling-cve20204700-priv-escalation (187077)",
+                "refsource": "XF",
+                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/187077",
+                "title": "X-Force Vulnerability Report"
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "IBM",
+                    "product": {
+                        "product_data": [
+                            {
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "6.0.0.0"
+                                        },
+                                        {
+                                            "version_value": "5.2.0.0"
+                                        },
+                                        {
+                                            "version_value": "5.2.6.5"
+                                        },
+                                        {
+                                            "version_value": "6.0.3.2"
+                                        }
+                                    ]
+                                },
+                                "product_name": "Sterling B2B Integrator"
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "CVE_data_meta": {
+        "STATE": "PUBLIC",
+        "DATE_PUBLIC": "2020-11-13T00:00:00",
+        "ASSIGNER": "psirt@us.ibm.com",
+        "ID": "CVE-2020-4700"
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "value": "Gain Privileges",
+                        "lang": "eng"
+                    }
+                ]
+            }
+        ]
+    },
+    "data_format": "MITRE",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with administrative privileges. IBM X-Force ID: 187077."
+            }
+        ]
+    },
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "impact": {
+        "cvssv3": {
+            "TM": {
+                "RC": "C",
+                "E": "U",
+                "RL": "O"
+            },
+            "BM": {
+                "I": "H",
+                "PR": "L",
+                "A": "H",
+                "C": "H",
+                "SCORE": "7.500",
+                "AV": "N",
+                "AC": "H",
+                "UI": "N",
+                "S": "U"
+            }
+        }
+    }
+}

data/spec/has_lang_value_spec.rb

@@ -0,0 +1,56 @@
+require 'spec_helper'
+require 'cve_schema/cve/has_lang_value'
+
+describe CVESchema::CVE::HasLangValue do
+  let(:klass) do
+    Class.new.tap do |klass|
+      klass.send :include, described_class
+    end
+  end
+
+  let(:lang)  { :eng      }
+  let(:value) { 'foo bar' }
+
+  describe "#initialize" do
+    subject { klass }
+
+    describe "required keywords" do
+      it "must require the lang: keyword" do
+        expect {
+          subject.new(value: value)
+        }.to raise_error(ArgumentError)
+      end
+
+      it "must require the value: keyword" do
+        expect {
+          subject.new(lang: lang)
+        }.to raise_error(ArgumentError)
+      end
+    end
+  end
+
+  describe ".load" do
+    subject { klass }
+
+    let(:json) do
+      {
+        'lang'  => lang.to_s,
+        'value' => value
+      }
+    end
+
+    subject { klass.load(json) }
+
+    it "must return an instance of the including Class" do
+      expect(subject).to be_kind_of(klass)
+    end
+
+    it "must set #lang" do
+      expect(subject.lang).to eq(lang)
+    end
+
+    it "must set #value" do
+      expect(subject.value).to eq(value)
+    end
+  end
+end

data/spec/id_spec.rb

@@ -0,0 +1,91 @@
+require 'spec_helper'
+require 'cve_schema/cve/id'
+
+describe CVESchema::CVE::ID do
+  let(:year)   { '2021' }
+  let(:number) { '9999' }
+
+  describe "#initialize" do
+    subject { described_class.new(year,number) }
+
+    it "must set #year" do
+      expect(subject.year).to eq(year)
+    end
+
+    it "must set #number" do
+      expect(subject.number).to eq(number)
+    end
+  end
+
+  describe ".parse" do
+    subject { described_class }
+
+    context "when given a valid CVE" do
+      let(:id) { "CVE-#{year}-#{number}" }
+
+      subject { super().parse(id) }
+
+      it "muset extract the year component" do
+        expect(subject.year).to eq(year)
+      end
+
+      it "must extract the number component" do
+        expect(subject.number).to eq(number)
+      end
+    end
+
+    context "when given an invalid CVE" do
+      let(:id) { 'XYZ-123-abc' }
+
+      it do
+        expect { subject.parse(id) }.to raise_error(ArgumentError)
+      end
+    end
+  end
+
+  subject { described_class.new(year,number) }
+
+  describe "#==" do
+    context "when given a non-ID object" do
+      let(:other) { Object.new }
+
+      it { expect(subject == other).to be(false) }
+    end
+
+    context "when given another ID object" do
+      context "and the other ID has the same year" do
+        context "but a different number" do
+          let(:other) { described_class.new(year,'0000') }
+
+          it { expect(subject == other).to be(false) }
+        end
+
+        context "and the same number" do
+          let(:other) { described_class.new(year,number) }
+
+          it { expect(subject == other).to be(true) }
+        end
+      end
+
+      context "and the other ID has a different year" do
+        context "but a different number" do
+          let(:other) { described_class.new('3000','0000') }
+
+          it { expect(subject == other).to be(false) }
+        end
+
+        context "and the same number" do
+          let(:other) { described_class.new('3000',number) }
+
+          it { expect(subject == other).to be(false) }
+        end
+      end
+    end
+  end
+
+  describe "#to_s" do
+    it "must convert the ID back into a valid CVE string" do
+      expect(subject.to_s).to eq("CVE-#{year}-#{number}")
+    end
+  end
+end