google-cloud-os_config-v1 0.4.1 → 0.6.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -57,9 +57,15 @@ module Google
57
57
 
58
58
  # Denotes that a (repeated) field is an unordered list.
59
59
  # This indicates that the service may provide the elements of the list
60
- # in any arbitrary order, rather than the order the user originally
60
+ # in any arbitrary order, rather than the order the user originally
61
61
  # provided. Additionally, the list's order may or may not be stable.
62
62
  UNORDERED_LIST = 6
63
+
64
+ # Denotes that this field returns a non-empty default value if not set.
65
+ # This indicates that if the user provides the empty value in a request,
66
+ # a non-empty value will be returned. The user will not be aware of what
67
+ # non-empty value to expect.
68
+ NON_EMPTY_DEFAULT = 7
63
69
  end
64
70
  end
65
71
  end
@@ -21,7 +21,19 @@ module Google
21
21
  module Cloud
22
22
  module OsConfig
23
23
  module V1
24
- # The inventory details of a VM.
24
+ # This API resource represents the available inventory data for a
25
+ # Compute Engine virtual machine (VM) instance at a given point in time.
26
+ #
27
+ # You can use this API resource to determine the inventory data of your VM.
28
+ #
29
+ # For more information, see [Information provided by OS inventory
30
+ # management](https://cloud.google.com/compute/docs/instances/os-inventory-management#data-collected).
31
+ # @!attribute [r] name
32
+ # @return [::String]
33
+ # Output only. The `Inventory` API resource name.
34
+ #
35
+ # Format:
36
+ # `projects/{project_number}/locations/{location}/instances/{instance_id}/inventory`
25
37
  # @!attribute [rw] os_info
26
38
  # @return [::Google::Cloud::OsConfig::V1::Inventory::OsInfo]
27
39
  # Base level operating system information for the VM.
@@ -31,6 +43,9 @@ module Google
31
43
  # each inventory item. The identifier is unique to each distinct and
32
44
  # addressable inventory item and will change, when there is a new package
33
45
  # version.
46
+ # @!attribute [r] update_time
47
+ # @return [::Google::Protobuf::Timestamp]
48
+ # Output only. Timestamp of the last reported inventory for the VM.
34
49
  class Inventory
35
50
  include ::Google::Protobuf::MessageExts
36
51
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -157,6 +172,9 @@ module Google
157
172
  # @!attribute [rw] cos_package
158
173
  # @return [::Google::Cloud::OsConfig::V1::Inventory::VersionedPackage]
159
174
  # Details of a COS package.
175
+ # @!attribute [rw] windows_application
176
+ # @return [::Google::Cloud::OsConfig::V1::Inventory::WindowsApplication]
177
+ # Details of Windows Application.
160
178
  class SoftwarePackage
161
179
  include ::Google::Protobuf::MessageExts
162
180
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -178,6 +196,24 @@ module Google
178
196
  extend ::Google::Protobuf::MessageExts::ClassMethods
179
197
  end
180
198
 
199
+ # Details related to a Zypper Patch.
200
+ # @!attribute [rw] patch_name
201
+ # @return [::String]
202
+ # The name of the patch.
203
+ # @!attribute [rw] category
204
+ # @return [::String]
205
+ # The category of the patch.
206
+ # @!attribute [rw] severity
207
+ # @return [::String]
208
+ # The severity specified for this patch
209
+ # @!attribute [rw] summary
210
+ # @return [::String]
211
+ # Any summary information provided about this patch.
212
+ class ZypperPatch
213
+ include ::Google::Protobuf::MessageExts
214
+ extend ::Google::Protobuf::MessageExts::ClassMethods
215
+ end
216
+
181
217
  # Details related to a Windows Update package.
182
218
  # Field data and names are taken from Windows Update API IUpdate Interface:
183
219
  # https://docs.microsoft.com/en-us/windows/win32/api/_wua/
@@ -230,24 +266,6 @@ module Google
230
266
  end
231
267
  end
232
268
 
233
- # Details related to a Zypper Patch.
234
- # @!attribute [rw] patch_name
235
- # @return [::String]
236
- # The name of the patch.
237
- # @!attribute [rw] category
238
- # @return [::String]
239
- # The category of the patch.
240
- # @!attribute [rw] severity
241
- # @return [::String]
242
- # The severity specified for this patch
243
- # @!attribute [rw] summary
244
- # @return [::String]
245
- # Any summary information provided about this patch.
246
- class ZypperPatch
247
- include ::Google::Protobuf::MessageExts
248
- extend ::Google::Protobuf::MessageExts::ClassMethods
249
- end
250
-
251
269
  # Information related to a Quick Fix Engineering package.
252
270
  # Fields are taken from Windows QuickFixEngineering Interface and match
253
271
  # the source names:
@@ -269,6 +287,34 @@ module Google
269
287
  extend ::Google::Protobuf::MessageExts::ClassMethods
270
288
  end
271
289
 
290
+ # Contains information about a Windows application as retrieved from the
291
+ # Windows Registry. For more information about these fields, see
292
+ #
293
+ # [Windows Installer Properties for the Uninstall
294
+ # Registry](https://docs.microsoft.com/en-us/windows/win32/msi/uninstall-registry-key){:
295
+ # class="external" }
296
+ # @!attribute [rw] display_name
297
+ # @return [::String]
298
+ # The name of the application or product.
299
+ # @!attribute [rw] display_version
300
+ # @return [::String]
301
+ # The version of the product or application in string format.
302
+ # @!attribute [rw] publisher
303
+ # @return [::String]
304
+ # The name of the manufacturer for the product or application.
305
+ # @!attribute [rw] install_date
306
+ # @return [::Google::Type::Date]
307
+ # The last time this product received service. The value of this property
308
+ # is replaced each time a patch is applied or removed from the product or
309
+ # the command-line option is used to repair the product.
310
+ # @!attribute [rw] help_link
311
+ # @return [::String]
312
+ # The internet address for technical support.
313
+ class WindowsApplication
314
+ include ::Google::Protobuf::MessageExts
315
+ extend ::Google::Protobuf::MessageExts::ClassMethods
316
+ end
317
+
272
318
  # @!attribute [rw] key
273
319
  # @return [::String]
274
320
  # @!attribute [rw] value
@@ -278,6 +324,82 @@ module Google
278
324
  extend ::Google::Protobuf::MessageExts::ClassMethods
279
325
  end
280
326
  end
327
+
328
+ # A request message for getting inventory data for the specified VM.
329
+ # @!attribute [rw] name
330
+ # @return [::String]
331
+ # Required. API resource name for inventory resource.
332
+ #
333
+ # Format:
334
+ # `projects/{project}/locations/{location}/instances/{instance}/inventory`
335
+ #
336
+ # For `{project}`, either `project-number` or `project-id` can be provided.
337
+ # For `{instance}`, either Compute Engine `instance-id` or `instance-name`
338
+ # can be provided.
339
+ # @!attribute [rw] view
340
+ # @return [::Google::Cloud::OsConfig::V1::InventoryView]
341
+ # Inventory view indicating what information should be included in the
342
+ # inventory resource. If unspecified, the default view is BASIC.
343
+ class GetInventoryRequest
344
+ include ::Google::Protobuf::MessageExts
345
+ extend ::Google::Protobuf::MessageExts::ClassMethods
346
+ end
347
+
348
+ # A request message for listing inventory data for all VMs in the specified
349
+ # location.
350
+ # @!attribute [rw] parent
351
+ # @return [::String]
352
+ # Required. The parent resource name.
353
+ #
354
+ # Format: `projects/{project}/locations/{location}/instances/-`
355
+ #
356
+ # For `{project}`, either `project-number` or `project-id` can be provided.
357
+ # @!attribute [rw] view
358
+ # @return [::Google::Cloud::OsConfig::V1::InventoryView]
359
+ # Inventory view indicating what information should be included in the
360
+ # inventory resource. If unspecified, the default view is BASIC.
361
+ # @!attribute [rw] page_size
362
+ # @return [::Integer]
363
+ # The maximum number of results to return.
364
+ # @!attribute [rw] page_token
365
+ # @return [::String]
366
+ # A pagination token returned from a previous call to
367
+ # `ListInventories` that indicates where this listing
368
+ # should continue from.
369
+ # @!attribute [rw] filter
370
+ # @return [::String]
371
+ # If provided, this field specifies the criteria that must be met by a
372
+ # `Inventory` API resource to be included in the response.
373
+ class ListInventoriesRequest
374
+ include ::Google::Protobuf::MessageExts
375
+ extend ::Google::Protobuf::MessageExts::ClassMethods
376
+ end
377
+
378
+ # A response message for listing inventory data for all VMs in a specified
379
+ # location.
380
+ # @!attribute [rw] inventories
381
+ # @return [::Array<::Google::Cloud::OsConfig::V1::Inventory>]
382
+ # List of inventory objects.
383
+ # @!attribute [rw] next_page_token
384
+ # @return [::String]
385
+ # The pagination token to retrieve the next page of inventory objects.
386
+ class ListInventoriesResponse
387
+ include ::Google::Protobuf::MessageExts
388
+ extend ::Google::Protobuf::MessageExts::ClassMethods
389
+ end
390
+
391
+ # The view for inventory objects.
392
+ module InventoryView
393
+ # The default value.
394
+ # The API defaults to the BASIC view.
395
+ INVENTORY_VIEW_UNSPECIFIED = 0
396
+
397
+ # Returns the basic inventory information that includes `os_info`.
398
+ BASIC = 1
399
+
400
+ # Returns all fields.
401
+ FULL = 2
402
+ end
281
403
  end
282
404
  end
283
405
  end
@@ -0,0 +1,342 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2021 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Cloud
22
+ module OsConfig
23
+ module V1
24
+ # This API resource represents the vulnerability report for a specified
25
+ # Compute Engine virtual machine (VM) instance at a given point in time.
26
+ #
27
+ # For more information, see [Vulnerability
28
+ # reports](https://cloud.google.com/compute/docs/instances/os-inventory-management#vulnerability-reports).
29
+ # @!attribute [r] name
30
+ # @return [::String]
31
+ # Output only. The `vulnerabilityReport` API resource name.
32
+ #
33
+ # Format:
34
+ # `projects/{project_number}/locations/{location}/instances/{instance_id}/vulnerabilityReport`
35
+ # @!attribute [r] vulnerabilities
36
+ # @return [::Array<::Google::Cloud::OsConfig::V1::VulnerabilityReport::Vulnerability>]
37
+ # Output only. List of vulnerabilities affecting the VM.
38
+ # @!attribute [r] update_time
39
+ # @return [::Google::Protobuf::Timestamp]
40
+ # Output only. The timestamp for when the last vulnerability report was generated for the
41
+ # VM.
42
+ class VulnerabilityReport
43
+ include ::Google::Protobuf::MessageExts
44
+ extend ::Google::Protobuf::MessageExts::ClassMethods
45
+
46
+ # A vulnerability affecting the VM instance.
47
+ # @!attribute [rw] details
48
+ # @return [::Google::Cloud::OsConfig::V1::VulnerabilityReport::Vulnerability::Details]
49
+ # Contains metadata as per the upstream feed of the operating system and
50
+ # NVD.
51
+ # @!attribute [rw] installed_inventory_item_ids
52
+ # @return [::Array<::String>]
53
+ # Corresponds to the `INSTALLED_PACKAGE` inventory item on the VM.
54
+ # This field displays the inventory items affected by this vulnerability.
55
+ # If the vulnerability report was not updated after the VM inventory
56
+ # update, these values might not display in VM inventory. For some distros,
57
+ # this field may be empty.
58
+ # @!attribute [rw] available_inventory_item_ids
59
+ # @return [::Array<::String>]
60
+ # Corresponds to the `AVAILABLE_PACKAGE` inventory item on the VM.
61
+ # If the vulnerability report was not updated after the VM inventory
62
+ # update, these values might not display in VM inventory. If there is no
63
+ # available fix, the field is empty. The `inventory_item` value specifies
64
+ # the latest `SoftwarePackage` available to the VM that fixes the
65
+ # vulnerability.
66
+ # @!attribute [rw] create_time
67
+ # @return [::Google::Protobuf::Timestamp]
68
+ # The timestamp for when the vulnerability was first detected.
69
+ # @!attribute [rw] update_time
70
+ # @return [::Google::Protobuf::Timestamp]
71
+ # The timestamp for when the vulnerability was last modified.
72
+ class Vulnerability
73
+ include ::Google::Protobuf::MessageExts
74
+ extend ::Google::Protobuf::MessageExts::ClassMethods
75
+
76
+ # Contains metadata information for the vulnerability. This information is
77
+ # collected from the upstream feed of the operating system.
78
+ # @!attribute [rw] cve
79
+ # @return [::String]
80
+ # The CVE of the vulnerability. CVE cannot be
81
+ # empty and the combination of <cve, classification> should be unique
82
+ # across vulnerabilities for a VM.
83
+ # @!attribute [rw] cvss_v2_score
84
+ # @return [::Float]
85
+ # The CVSS V2 score of this vulnerability. CVSS V2 score is on a scale of
86
+ # 0 - 10 where 0 indicates low severity and 10 indicates high severity.
87
+ # @!attribute [rw] cvss_v3
88
+ # @return [::Google::Cloud::OsConfig::V1::CVSSv3]
89
+ # The full description of the CVSSv3 for this vulnerability from NVD.
90
+ # @!attribute [rw] severity
91
+ # @return [::String]
92
+ # Assigned severity/impact ranking from the distro.
93
+ # @!attribute [rw] description
94
+ # @return [::String]
95
+ # The note or description describing the vulnerability from the distro.
96
+ # @!attribute [rw] references
97
+ # @return [::Array<::Google::Cloud::OsConfig::V1::VulnerabilityReport::Vulnerability::Details::Reference>]
98
+ # Corresponds to the references attached to the `VulnerabilityDetails`.
99
+ class Details
100
+ include ::Google::Protobuf::MessageExts
101
+ extend ::Google::Protobuf::MessageExts::ClassMethods
102
+
103
+ # A reference for this vulnerability.
104
+ # @!attribute [rw] url
105
+ # @return [::String]
106
+ # The url of the reference.
107
+ # @!attribute [rw] source
108
+ # @return [::String]
109
+ # The source of the reference e.g. NVD.
110
+ class Reference
111
+ include ::Google::Protobuf::MessageExts
112
+ extend ::Google::Protobuf::MessageExts::ClassMethods
113
+ end
114
+ end
115
+ end
116
+ end
117
+
118
+ # A request message for getting the vulnerability report for the specified VM.
119
+ # @!attribute [rw] name
120
+ # @return [::String]
121
+ # Required. API resource name for vulnerability resource.
122
+ #
123
+ # Format:
124
+ # `projects/{project}/locations/{location}/instances/{instance}/vulnerabilityReport`
125
+ #
126
+ # For `{project}`, either `project-number` or `project-id` can be provided.
127
+ # For `{instance}`, either Compute Engine `instance-id` or `instance-name`
128
+ # can be provided.
129
+ class GetVulnerabilityReportRequest
130
+ include ::Google::Protobuf::MessageExts
131
+ extend ::Google::Protobuf::MessageExts::ClassMethods
132
+ end
133
+
134
+ # A request message for listing vulnerability reports for all VM instances in
135
+ # the specified location.
136
+ # @!attribute [rw] parent
137
+ # @return [::String]
138
+ # Required. The parent resource name.
139
+ #
140
+ # Format: `projects/{project}/locations/{location}/instances/-`
141
+ #
142
+ # For `{project}`, either `project-number` or `project-id` can be provided.
143
+ # @!attribute [rw] page_size
144
+ # @return [::Integer]
145
+ # The maximum number of results to return.
146
+ # @!attribute [rw] page_token
147
+ # @return [::String]
148
+ # A pagination token returned from a previous call to
149
+ # `ListVulnerabilityReports` that indicates where this listing
150
+ # should continue from.
151
+ # @!attribute [rw] filter
152
+ # @return [::String]
153
+ # If provided, this field specifies the criteria that must be met by a
154
+ # `vulnerabilityReport` API resource to be included in the response.
155
+ class ListVulnerabilityReportsRequest
156
+ include ::Google::Protobuf::MessageExts
157
+ extend ::Google::Protobuf::MessageExts::ClassMethods
158
+ end
159
+
160
+ # A response message for listing vulnerability reports for all VM instances in
161
+ # the specified location.
162
+ # @!attribute [rw] vulnerability_reports
163
+ # @return [::Array<::Google::Cloud::OsConfig::V1::VulnerabilityReport>]
164
+ # List of vulnerabilityReport objects.
165
+ # @!attribute [rw] next_page_token
166
+ # @return [::String]
167
+ # The pagination token to retrieve the next page of vulnerabilityReports
168
+ # object.
169
+ class ListVulnerabilityReportsResponse
170
+ include ::Google::Protobuf::MessageExts
171
+ extend ::Google::Protobuf::MessageExts::ClassMethods
172
+ end
173
+
174
+ # Common Vulnerability Scoring System version 3.
175
+ # For details, see https://www.first.org/cvss/specification-document
176
+ # @!attribute [rw] base_score
177
+ # @return [::Float]
178
+ # The base score is a function of the base metric scores.
179
+ # https://www.first.org/cvss/specification-document#Base-Metrics
180
+ # @!attribute [rw] exploitability_score
181
+ # @return [::Float]
182
+ # The Exploitability sub-score equation is derived from the Base
183
+ # Exploitability metrics.
184
+ # https://www.first.org/cvss/specification-document#2-1-Exploitability-Metrics
185
+ # @!attribute [rw] impact_score
186
+ # @return [::Float]
187
+ # The Impact sub-score equation is derived from the Base Impact metrics.
188
+ # @!attribute [rw] attack_vector
189
+ # @return [::Google::Cloud::OsConfig::V1::CVSSv3::AttackVector]
190
+ # This metric reflects the context by which vulnerability exploitation is
191
+ # possible.
192
+ # @!attribute [rw] attack_complexity
193
+ # @return [::Google::Cloud::OsConfig::V1::CVSSv3::AttackComplexity]
194
+ # This metric describes the conditions beyond the attacker's control that
195
+ # must exist in order to exploit the vulnerability.
196
+ # @!attribute [rw] privileges_required
197
+ # @return [::Google::Cloud::OsConfig::V1::CVSSv3::PrivilegesRequired]
198
+ # This metric describes the level of privileges an attacker must possess
199
+ # before successfully exploiting the vulnerability.
200
+ # @!attribute [rw] user_interaction
201
+ # @return [::Google::Cloud::OsConfig::V1::CVSSv3::UserInteraction]
202
+ # This metric captures the requirement for a human user, other than the
203
+ # attacker, to participate in the successful compromise of the vulnerable
204
+ # component.
205
+ # @!attribute [rw] scope
206
+ # @return [::Google::Cloud::OsConfig::V1::CVSSv3::Scope]
207
+ # The Scope metric captures whether a vulnerability in one vulnerable
208
+ # component impacts resources in components beyond its security scope.
209
+ # @!attribute [rw] confidentiality_impact
210
+ # @return [::Google::Cloud::OsConfig::V1::CVSSv3::Impact]
211
+ # This metric measures the impact to the confidentiality of the information
212
+ # resources managed by a software component due to a successfully exploited
213
+ # vulnerability.
214
+ # @!attribute [rw] integrity_impact
215
+ # @return [::Google::Cloud::OsConfig::V1::CVSSv3::Impact]
216
+ # This metric measures the impact to integrity of a successfully exploited
217
+ # vulnerability.
218
+ # @!attribute [rw] availability_impact
219
+ # @return [::Google::Cloud::OsConfig::V1::CVSSv3::Impact]
220
+ # This metric measures the impact to the availability of the impacted
221
+ # component resulting from a successfully exploited vulnerability.
222
+ class CVSSv3
223
+ include ::Google::Protobuf::MessageExts
224
+ extend ::Google::Protobuf::MessageExts::ClassMethods
225
+
226
+ # This metric reflects the context by which vulnerability exploitation is
227
+ # possible.
228
+ module AttackVector
229
+ # Invalid value.
230
+ ATTACK_VECTOR_UNSPECIFIED = 0
231
+
232
+ # The vulnerable component is bound to the network stack and the set of
233
+ # possible attackers extends beyond the other options listed below, up to
234
+ # and including the entire Internet.
235
+ ATTACK_VECTOR_NETWORK = 1
236
+
237
+ # The vulnerable component is bound to the network stack, but the attack is
238
+ # limited at the protocol level to a logically adjacent topology.
239
+ ATTACK_VECTOR_ADJACENT = 2
240
+
241
+ # The vulnerable component is not bound to the network stack and the
242
+ # attacker's path is via read/write/execute capabilities.
243
+ ATTACK_VECTOR_LOCAL = 3
244
+
245
+ # The attack requires the attacker to physically touch or manipulate the
246
+ # vulnerable component.
247
+ ATTACK_VECTOR_PHYSICAL = 4
248
+ end
249
+
250
+ # This metric describes the conditions beyond the attacker's control that
251
+ # must exist in order to exploit the vulnerability.
252
+ module AttackComplexity
253
+ # Invalid value.
254
+ ATTACK_COMPLEXITY_UNSPECIFIED = 0
255
+
256
+ # Specialized access conditions or extenuating circumstances do not exist.
257
+ # An attacker can expect repeatable success when attacking the vulnerable
258
+ # component.
259
+ ATTACK_COMPLEXITY_LOW = 1
260
+
261
+ # A successful attack depends on conditions beyond the attacker's control.
262
+ # That is, a successful attack cannot be accomplished at will, but requires
263
+ # the attacker to invest in some measurable amount of effort in preparation
264
+ # or execution against the vulnerable component before a successful attack
265
+ # can be expected.
266
+ ATTACK_COMPLEXITY_HIGH = 2
267
+ end
268
+
269
+ # This metric describes the level of privileges an attacker must possess
270
+ # before successfully exploiting the vulnerability.
271
+ module PrivilegesRequired
272
+ # Invalid value.
273
+ PRIVILEGES_REQUIRED_UNSPECIFIED = 0
274
+
275
+ # The attacker is unauthorized prior to attack, and therefore does not
276
+ # require any access to settings or files of the vulnerable system to
277
+ # carry out an attack.
278
+ PRIVILEGES_REQUIRED_NONE = 1
279
+
280
+ # The attacker requires privileges that provide basic user capabilities
281
+ # that could normally affect only settings and files owned by a user.
282
+ # Alternatively, an attacker with Low privileges has the ability to access
283
+ # only non-sensitive resources.
284
+ PRIVILEGES_REQUIRED_LOW = 2
285
+
286
+ # The attacker requires privileges that provide significant (e.g.,
287
+ # administrative) control over the vulnerable component allowing access to
288
+ # component-wide settings and files.
289
+ PRIVILEGES_REQUIRED_HIGH = 3
290
+ end
291
+
292
+ # This metric captures the requirement for a human user, other than the
293
+ # attacker, to participate in the successful compromise of the vulnerable
294
+ # component.
295
+ module UserInteraction
296
+ # Invalid value.
297
+ USER_INTERACTION_UNSPECIFIED = 0
298
+
299
+ # The vulnerable system can be exploited without interaction from any user.
300
+ USER_INTERACTION_NONE = 1
301
+
302
+ # Successful exploitation of this vulnerability requires a user to take
303
+ # some action before the vulnerability can be exploited.
304
+ USER_INTERACTION_REQUIRED = 2
305
+ end
306
+
307
+ # The Scope metric captures whether a vulnerability in one vulnerable
308
+ # component impacts resources in components beyond its security scope.
309
+ module Scope
310
+ # Invalid value.
311
+ SCOPE_UNSPECIFIED = 0
312
+
313
+ # An exploited vulnerability can only affect resources managed by the same
314
+ # security authority.
315
+ SCOPE_UNCHANGED = 1
316
+
317
+ # An exploited vulnerability can affect resources beyond the security scope
318
+ # managed by the security authority of the vulnerable component.
319
+ SCOPE_CHANGED = 2
320
+ end
321
+
322
+ # The Impact metrics capture the effects of a successfully exploited
323
+ # vulnerability on the component that suffers the worst outcome that is most
324
+ # directly and predictably associated with the attack.
325
+ module Impact
326
+ # Invalid value.
327
+ IMPACT_UNSPECIFIED = 0
328
+
329
+ # High impact.
330
+ IMPACT_HIGH = 1
331
+
332
+ # Low impact.
333
+ IMPACT_LOW = 2
334
+
335
+ # No impact.
336
+ IMPACT_NONE = 3
337
+ end
338
+ end
339
+ end
340
+ end
341
+ end
342
+ end