nexpose_servicenow 0.7.1 → 0.7.2
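--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 5cf867dd52b399b8e111b8d36c404e133c663c31
+data.tar.gz: 5d2e5338b7ec21c7216dd1837ade8cf17921e000
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 803f91eaed2e6b4e8ad728588546cbd04a35a9fc511c41e8a5b2a1c6452ba1fa5ee5a91857525908fa86735d0d8d78d8e21e72362e6e865d15ab9a5e72f6dab4
+data.tar.gz: a80e9eaa45e6bffea2c5167736b9f52848bae488dcdfc2dfec10b902c4cef0daca1bca54e39f3c15ff931369f6a7d07557fe9b52fb88be797f9e38a429aad73b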
@@ -269,57 +269,80 @@ module NexposeServiceNow
|
|
269
269
|
USING (vulnerability_id)"
|
270
270
|
end
|
271
271
|
|
272
|
+
def self.generate_cvss_table(cvss_range)
|
273
|
+
return '' if cvss_range.nil? || cvss_range.last.nil?
|
274
|
+
|
275
|
+
cvss_min = cvss_range.first
|
276
|
+
cvss_max = cvss_range.last
|
277
|
+
|
278
|
+
return '' if cvss_min.to_s == '0' && cvss_max.to_s == '10'
|
279
|
+
|
280
|
+
"vulns_cvss AS (
|
281
|
+
SELECT vulnerability_id FROM dim_vulnerability
|
282
|
+
WHERE cvss_score >= #{cvss_min} AND cvss_score <= #{cvss_max})"
|
283
|
+
end
|
284
|
+
|
272
285
|
def self.vulnerable_new_items(options={})
|
273
|
-
cve_filter = self.generate_cve_filter(options[:filters][:cve])
|
274
286
|
date_filter = self.generate_date_filter(options[:filters][:date], false)
|
275
|
-
cvss_filter = self.generate_cvss_filter(options[:filters][:cvss])
|
276
287
|
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
281
|
-
|
282
|
-
|
283
|
-
|
284
|
-
|
285
|
-
|
286
|
-
|
287
|
-
|
288
|
-
|
289
|
-
|
290
|
-
|
291
|
-
|
292
|
-
|
293
|
-
|
294
|
-
|
295
|
-
|
296
|
-
|
297
|
-
|
288
|
+
cvss_table = self.generate_cvss_table(options[:filters][:cvss])
|
289
|
+
cvss_filter = ''
|
290
|
+
if cvss_table != ''
|
291
|
+
cvss_table = ",#{cvss_table}"
|
292
|
+
cvss_filter = 'WHERE EXISTS (
|
293
|
+
SELECT 1 FROM vulns_cvss vc
|
294
|
+
WHERE nv.vulnerability_id = vc.vulnerability_id)'
|
295
|
+
end
|
296
|
+
|
297
|
+
"WITH assets AS (
|
298
|
+
SELECT * FROM dim_site_asset
|
299
|
+
WHERE site_id=#{options[:site_id]}
|
300
|
+
), previous_scan AS (
|
301
|
+
SELECT asset_id, vulnerability_id
|
302
|
+
FROM fact_asset_scan_vulnerability_finding
|
303
|
+
WHERE scan_id=#{options[:delta]}
|
304
|
+
), new_vulns AS (
|
305
|
+
SELECT asset_id, vulnerability_id, vulnerability_instances
|
306
|
+
FROM assets a
|
307
|
+
JOIN fact_asset_vulnerability_finding favf USING (asset_id)
|
308
|
+
WHERE NOT EXISTS (
|
309
|
+
SELECT 1
|
310
|
+
FROM previous_scan p
|
311
|
+
WHERE favf.asset_id = p.asset_id and favf.vulnerability_id = p.vulnerability_id)
|
312
|
+
)#{cvss_table}
|
313
|
+
,vuln_instances AS (
|
314
|
+
SELECT asset_id, vulnerability_id, vulnerability_instances,
|
315
|
+
status_id, proofAsText(proof) as proof, port, protocol_id
|
316
|
+
FROM new_vulns nv
|
317
|
+
JOIN fact_asset_vulnerability_instance USING (asset_id, vulnerability_id)
|
318
|
+
#{cvss_filter}
|
319
|
+
)
|
320
|
+
|
321
|
+
SELECT asset_id as Configuration_Item,
|
322
|
+
TRUE as Active,
|
323
|
+
concat('R7_', vulnerability_id) as Vulnerability,
|
324
|
+
ip_address as IP_Address,
|
325
|
+
first_discovered as First_Found,
|
326
|
+
most_recently_discovered as Last_Found,
|
327
|
+
vulnerability_instances as Times_Found,
|
328
|
+
string_agg(CONCAT('\"', proof ,'\"'), ',') as proof,
|
329
|
+
string_agg(DISTINCT port::character, ',') as ports,
|
330
|
+
string_agg(DISTINCT dp.description, ',') as protocol,
|
331
|
+
array_to_string(dvsol.solution_ids, ',', '') as Solutions,
|
332
|
+
string_agg(DISTINCT dvs.description, ',') as Status
|
333
|
+
FROM vuln_instances
|
334
|
+
JOIN dim_protocol dp USING (protocol_id)
|
335
|
+
JOIN dim_asset USING (asset_id)
|
336
|
+
JOIN dim_vulnerability_status dvs USING (status_id)
|
298
337
|
JOIN (SELECT asset_id, vulnerability_id,
|
299
338
|
first_discovered, most_recently_discovered
|
300
339
|
FROM fact_asset_vulnerability_age #{date_filter}) fasva USING (asset_id, vulnerability_id)
|
301
|
-
JOIN (SELECT asset_id,
|
302
|
-
vulnerability_id,
|
303
|
-
string_agg(proof, E'\n') as proof,
|
304
|
-
array_to_string(array_agg(DISTINCT port), ' ', '') as ports,
|
305
|
-
string_agg(DISTINCT status, ',') as status,
|
306
|
-
string_agg(DISTINCT protocol, ',') as protocol
|
307
|
-
FROM (SELECT asset_id, vulnerability_id,
|
308
|
-
proofAsText(proof) as proof,
|
309
|
-
status_id as status_id,
|
310
|
-
port,
|
311
|
-
dp.description as protocol,
|
312
|
-
dvs.description as status
|
313
|
-
FROM fact_asset_vulnerability_instance
|
314
|
-
JOIN dim_protocol dp USING (protocol_id)
|
315
|
-
JOIN dim_vulnerability_status dvs USING (status_id)) favi
|
316
|
-
GROUP BY asset_id, vulnerability_id) favi USING (asset_id, vulnerability_id)
|
317
|
-
JOIN (SELECT asset_id, ip_address
|
318
|
-
FROM dim_asset) s USING (asset_id)
|
319
340
|
LEFT JOIN (SELECT asset_id, vulnerability_id,
|
320
341
|
array_agg(DISTINCT solution_id) as solution_ids
|
321
342
|
FROM dim_asset_vulnerability_solution
|
322
|
-
GROUP BY asset_id, vulnerability_id) dvsol USING (asset_id, vulnerability_id)
|
343
|
+
GROUP BY asset_id, vulnerability_id) dvsol USING (asset_id, vulnerability_id)
|
344
|
+
GROUP by asset_id, vulnerability_id, first_discovered, ip_address, most_recently_discovered, vulnerability_instances, dvsol.solution_ids
|
345
|
+
"
|
323
346
|
end
|
324
347
|
|
325
348
|
def self.vulnerable_old_items(options={})
|
@@ -351,19 +374,15 @@ module NexposeServiceNow
|
|
351
374
|
MAX(fasv.scan_id) as latest_found,
|
352
375
|
s.current_scan
|
353
376
|
FROM fact_asset_scan_vulnerability_finding fasv
|
354
|
-
|
355
377
|
#{cve_filter}
|
356
378
|
#{cvss_filter}
|
357
|
-
|
358
379
|
JOIN (
|
359
380
|
SELECT asset_id, lastScan(asset_id) AS current_scan FROM dim_asset
|
360
381
|
) s ON s.asset_id = fasv.asset_id
|
361
382
|
GROUP BY fasv.asset_id, fasv.vulnerability_id, s.current_scan
|
362
|
-
|
363
383
|
HAVING MAX(fasv.scan_id) < current_scan
|
364
384
|
AND #{standard_filter}
|
365
385
|
) subq
|
366
|
-
|
367
386
|
JOIN dim_asset da ON subq.asset_id = da.asset_id
|
368
387
|
#{date_filter}"
|
369
388
|
|
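Review bot: `generate_cvss_table` interpolates `cvss_min` and `cvss_max` straight into the `vulns_cvss` CTE after only a nil check on the range and its last element, so any non-numeric value that reaches `options[:filters][:cvss]` becomes part of the SQL text. Coercing at the point of interpolation, `WHERE cvss_score >= #{Float(cvss_min)} AND cvss_score <= #{Float(cvss_max)})"`, keeps the existing `'0'`/`'10'` short-circuit intact and makes a nil first bound raise instead of producing a malformed `cvss_score >= ` clause. The rewritten `WITH assets` query in `vulnerable_new_items` has the same shape for `options[:site_id]` and `options[:delta]`; `#{Integer(options[:site_id])}` and `#{Integer(options[:delta])}` would pin those to numbers. Where these options originate and how the string is executed is not visible in this hunk, so the exposure depends on the caller, but passing the values as bind parameters (the `pg` gem's `exec_params`) would remove the need to trust them at all.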
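--- a/data/nexpose_servicenow.gemspec
+++ b/data/nexpose_servicenow.gemspec
@@ -31,7 +31,7 @@ Gem::Specification.new do |spec|
 spec.add_development_dependency 'bundler', '~> 1.11'
 spec.add_development_dependency 'rake', '~> 10.0'
 spec.add_dependency 'nexpose', '~> 3.2'
-spec.add_dependency 'csv-diff', '~> 0.3.
+spec.add_dependency 'csv-diff', '~> 0.3.5'
 spec.add_dependency 'pg', '~> 0.21.0'
 
 spec.required_ruby_version = ['>= 2.1.5', '< 2.5.0']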
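--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: nexpose_servicenow
 version: !ruby/object:Gem::Version
-version: 0.7.
+version: 0.7.2
 platform: ruby
 authors:
 - David Valente
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-04-
+date: 2018-04-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler
@@ -58,14 +58,14 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.3.
+version: 0.3.5
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.3.
+version: 0.3.5
 - !ruby/object:Gem::Dependency
 name: pg
 requirement: !ruby/object:Gem::Requirement
@@ -133,8 +133,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.4.3
 signing_key:
 specification_version: 4
 summary: Gem for Nexpose-ServiceNow integration.
 test_files: []
+has_rdoc: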