RubyGems - recog - Versions diffs - 2.3.12 → 2.3.17 - Mend

recog 2.3.12 → 2.3.17

Files changed (46) hide show

checksums.yaml +4 -4
data/.github/SECURITY.md +35 -0
data/.snyk +10 -0
data/LICENSE +1 -1
data/bin/recog_standardize +2 -2
data/cpe-remap.yaml +46 -14
data/identifiers/hw_device.txt +3 -4
data/identifiers/hw_family.txt +6 -0
data/identifiers/hw_product.txt +17 -6
data/identifiers/os_architecture.txt +0 -10
data/identifiers/os_device.txt +11 -31
data/identifiers/os_family.txt +1 -95
data/identifiers/os_product.txt +9 -117
data/identifiers/service_family.txt +4 -36
data/identifiers/service_product.txt +211 -92
data/identifiers/vendor.txt +46 -194
data/lib/recog/version.rb +1 -1
data/requirements.txt +1 -1
data/update_cpes.py +93 -45
data/xml/dns_versionbind.xml +39 -16
data/xml/favicons.xml +42 -17
data/xml/ftp_banners.xml +39 -24
data/xml/hp_pjl_id.xml +1 -1
data/xml/html_title.xml +72 -22
data/xml/http_cookies.xml +4 -1
data/xml/http_servers.xml +342 -73
data/xml/http_wwwauth.xml +20 -20
data/xml/imap_banners.xml +39 -0
data/xml/ldap_searchresult.xml +9 -6
data/xml/ntp_banners.xml +1 -1
data/xml/operating_system.xml +1 -0
data/xml/pop_banners.xml +55 -2
data/xml/sip_user_agents.xml +3 -3
data/xml/smb_native_os.xml +1 -0
data/xml/smtp_banners.xml +7 -2
data/xml/smtp_help.xml +2 -0
data/xml/smtp_vrfy.xml +2 -1
data/xml/snmp_sysdescr.xml +125 -87
data/xml/ssh_banners.xml +1 -1
data/xml/telnet_banners.xml +155 -15
data/xml/x509_issuers.xml +8 -5
data/xml/x509_subjects.xml +25 -17
metadata +4 -5
data/identifiers/software_class.txt +0 -26
data/identifiers/software_family.txt +0 -91
data/identifiers/software_product.txt +0 -333

@@ -86,7 +86,8 @@
     <description>Symantec Mail Security</description>
     <example>504 &lt;foo&gt;: Recipient address rejected: need fully-qualified address</example>
     <param pos="0" name="service.vendor" value="Symantec"/>
-    <param pos="0" name="service.product" value="Symantec Mail Security for SMTP"/>
+    <param pos="0" name="service.product" value="Mail Security for SMTP"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:symantec:mail_security_for_smtp:-"/>
   </fingerprint>
   <fingerprint pattern="^252 Unable to VRFY &quot;.*&quot;, but will accept message and attempt delivery *$">

data/xml/snmp_sysdescr.xml CHANGED

@@ -932,7 +932,7 @@
     <example>Monarch M09855 FW Ver 6.2 / 7411 Network Adapter FW Ver CAMO-7.60, 802.11b-g WiFi FW Ver</example>
     <example>Monarch M09855 FW Ver 6.2 / 7411 Network Adapter FW Ver CAMO-7.60, 802.11b-g WiFi FW Ver / Verifier</example>
     <param pos="0" name="os.vendor" value="Avery Dennison"/>
-    <param pos="0" name="os.device" value="Print server"/>
+    <param pos="0" name="os.device" value="Print Server"/>
     <param pos="1" name="os.product"/>
   </fingerprint>
@@ -985,7 +985,7 @@
     <example os.product="NPS 550R Printer Server" os.version="4.11">Axis NPS 550R Printer Server V4.11 Mar 1 1994</example>
     <example os.product="NPS 550RPrint server" os.version="5.22">Axis NPS 550RPrint serverV5.22 Oct 07 1996</example>
     <param pos="0" name="os.vendor" value="Axis"/>
-    <param pos="0" name="os.device" value="Print server"/>
+    <param pos="0" name="os.device" value="Print Server"/>
     <param pos="1" name="os.product"/>
     <param pos="2" name="os.version"/>
   </fingerprint>
@@ -1001,7 +1001,7 @@
     <example os.product="SG400" os.version="4.1.1.1" os.version.version="22695">Blue Coat SG400, ProxySG Version: SGOS 4.1.1.1, Release id: 22695</example>
     <example os.product="SG8100" os.version="4.3.4.1" os.version.version="52168">Blue Coat SG8100 Series, ProxySG Version: SGOS 4.3.4.1, Release id: 52168</example>
     <param pos="0" name="os.vendor" value="Blue Coat"/>
-    <param pos="0" name="os.device" value="Web proxy"/>
+    <param pos="0" name="os.device" value="Web Proxy"/>
     <param pos="1" name="os.product"/>
     <param pos="2" name="os.version"/>
     <param pos="3" name="os.version.version"/>
@@ -1011,7 +1011,7 @@
     <description>Blue Coat ProxyAV</description>
     <example os.product="AV1200" os.version="3.2.6.1" os.version.version="51482">Blue Coat AV1200 Series, ProxyAV Version: 3.2.6.1, Release id: 51482</example>
     <param pos="0" name="os.vendor" value="Blue Coat"/>
-    <param pos="0" name="os.device" value="Web proxy"/>
+    <param pos="0" name="os.device" value="Web Proxy"/>
     <param pos="1" name="os.product"/>
     <param pos="2" name="os.version"/>
     <param pos="3" name="os.version.version"/>
@@ -1320,7 +1320,7 @@
     <description>Canon Camera</description>
     <example>Canon Network Camera VB-C60</example>
     <param pos="0" name="os.vendor" value="Canon"/>
-    <param pos="0" name="os.device" value="Web cam"/>
+    <param pos="0" name="os.device" value="IP Camera"/>
     <param pos="1" name="os.product"/>
   </fingerprint>
@@ -1345,7 +1345,7 @@
     <description>Castelle FaxPress</description>
     <param pos="0" name="os.vendor" value="Castelle"/>
     <param pos="0" name="os.product" value="FaxPress"/>
-    <param pos="0" name="os.device" value="Fax server"/>
+    <param pos="0" name="os.device" value="Fax Server"/>
   </fingerprint>
   <!--======================================================================
@@ -1554,7 +1554,7 @@
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="os.family" value="760 Series"/>
     <param pos="0" name="os.product" value="761"/>
-    <param pos="0" name="os.device" value="Broadband router"/>
+    <param pos="0" name="os.device" value="Broadband Router"/>
     <param pos="1" name="os.version"/>
   </fingerprint>
@@ -1807,6 +1807,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <param pos="0" name="os.product" value="DD OS"/>
     <param pos="0" name="os.device" value="Storage"/>
     <param pos="1" name="os.version"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:dell:emc_data_domain_os:{os.version}"/>
   </fingerprint>
   <!--======================================================================
@@ -1831,7 +1832,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>Datamax Printer</example>
     <param pos="0" name="os.vendor" value="Datamax"/>
     <param pos="0" name="os.device" value="Printer"/>
-    <param pos="0" name="os.product" value="Print server"/>
+    <param pos="0" name="os.product" value="Print Server"/>
   </fingerprint>
   <!--======================================================================
@@ -2403,7 +2404,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <param pos="2" name="hw.product"/>
     <param pos="3" name="os.version"/>
     <param pos="4" name="os.version.version"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64:{os.version}"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64_unix:{os.version}"/>
   </fingerprint>
   <fingerprint pattern="^(\S+) (.*?) Digital UNIX V(\S+)\s+\(Rev\. ([^\)]+)\).*TCP/IP$">
@@ -2970,7 +2971,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>HP ETHERNET MULTI-ENVIRONMENT</example>
     <param pos="0" name="os.vendor" value="HP"/>
     <param pos="0" name="os.family" value="JetDirect"/>
-    <param pos="0" name="os.device" value="Print server"/>
+    <param pos="0" name="os.device" value="Print Server"/>
   </fingerprint>
   <fingerprint pattern="^HP ETHERNET MULTI-ENVIRONMENT,ROM (\S+?),JETDIRECT(?: EX)?,(\w+),EEPROM.*$">
@@ -2981,7 +2982,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>HP ETHERNET MULTI-ENVIRONMENT,ROM B.25.01,JETDIRECT,JD118,EEPROM D.27.02,CIDATE 03/23/2004</example>
     <param pos="0" name="os.vendor" value="HP"/>
     <param pos="0" name="os.family" value="JetDirect"/>
-    <param pos="0" name="os.device" value="Print server"/>
+    <param pos="0" name="os.device" value="Print Server"/>
     <param pos="1" name="os.version"/>
     <param pos="2" name="os.product"/>
   </fingerprint>
@@ -3389,7 +3390,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <param pos="0" name="os.vendor" value="Intel"/>
     <param pos="0" name="os.family" value="NetportExpress"/>
     <param pos="0" name="os.product" value="PRO/100"/>
-    <param pos="0" name="os.device" value="Print server"/>
+    <param pos="0" name="os.device" value="Print Server"/>
   </fingerprint>
   <!--======================================================================
@@ -3401,7 +3402,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>Intermec CX Terminal</example>
     <param pos="0" name="os.vendor" value="Intermec"/>
     <param pos="0" name="os.product" value="CX Data Collection Terminal"/>
-    <param pos="0" name="os.device" value="POS"/>
+    <param pos="0" name="os.device" value="Point of Sale"/>
   </fingerprint>
   <fingerprint pattern="^Thermal Label Printer Intermec (\S+)$">
@@ -3848,7 +3849,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Lexmark"/>
     <param pos="0" name="os.family" value="MarkNet"/>
-    <param pos="0" name="os.device" value="Print server"/>
+    <param pos="0" name="os.device" value="Print Server"/>
     <param pos="1" name="os.product"/>
     <param pos="2" name="os.version"/>
   </fingerprint>
@@ -3933,7 +3934,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <description>Lexmark Printer - print server variant</description>
     <example>Lexmark C500 PS Print Server</example>
     <param pos="0" name="os.vendor" value="Lexmark"/>
-    <param pos="0" name="os.device" value="Print server"/>
+    <param pos="0" name="os.device" value="Print Server"/>
     <param pos="1" name="os.product"/>
   </fingerprint>
@@ -4740,7 +4741,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>LX Console Manager, s/w version=5.3.9</example>
     <param pos="0" name="os.vendor" value="MRV Communications"/>
     <param pos="0" name="os.product" value="LX"/>
-    <param pos="0" name="os.device" value="Remote access server"/>
+    <param pos="0" name="os.device" value="Remote Access Server"/>
     <param pos="1" name="os.version"/>
   </fingerprint>
@@ -4753,7 +4754,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>RASExpress Server Version 5.63</example>
     <param pos="0" name="os.vendor" value="MultiTech"/>
     <param pos="0" name="os.product" value="RASExpress"/>
-    <param pos="0" name="os.device" value="Remote access server"/>
+    <param pos="0" name="os.device" value="Remote Access Server"/>
     <param pos="1" name="os.version"/>
   </fingerprint>
@@ -4784,7 +4785,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <param pos="0" name="os.vendor" value="NetApp"/>
     <param pos="0" name="os.family" value="Data ONTAP"/>
     <param pos="0" name="os.product" value="Data ONTAP"/>
-    <param pos="0" name="os.device" value="File server"/>
+    <param pos="0" name="os.device" value="File Server"/>
     <param pos="1" name="os.version"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:{os.version}"/>
   </fingerprint>
@@ -4833,7 +4834,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>Netopia R9100 v4.8.2</example>
     <param pos="0" name="os.vendor" value="Netopia"/>
     <param pos="0" name="os.family" value="Netopia"/>
-    <param pos="0" name="os.device" value="Broadband router"/>
+    <param pos="0" name="os.device" value="Broadband Router"/>
     <param pos="1" name="os.product"/>
     <param pos="2" name="os.version"/>
   </fingerprint>
@@ -4997,7 +4998,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example os.product="2424">Nortel Application Switch 2424</example>
     <param pos="0" name="os.vendor" value="Nortel"/>
     <param pos="0" name="os.family" value="Application Switch"/>
-    <param pos="0" name="os.device" value="Load balancer"/>
+    <param pos="0" name="os.device" value="Load Balancer"/>
     <param pos="1" name="os.product"/>
   </fingerprint>
@@ -5258,7 +5259,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <param pos="0" name="os.family" value="NC Series"/>
     <param pos="1" name="os.product"/>
     <param pos="2" name="os.version"/>
-    <param pos="0" name="os.device" value="Print server"/>
+    <param pos="0" name="os.device" value="Print Server"/>
   </fingerprint>
   <fingerprint pattern="^Oce (im\d+)$">
@@ -5445,7 +5446,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>OKI OkiLAN 6400e Rev. 10/100BASE Ethernet PrintServer: Attached to B720n Rev.7.1b1: (C)2005 OKI DATA CORP</example>
     <example>OKI OkiLAN 6400e Rev. 10/100BASE Ethernet PrintServer: Attached to B930 Rev.3.6: (C)2005 OKI DATA CORP</example>
     <param pos="0" name="os.vendor" value="Oki"/>
-    <param pos="0" name="os.device" value="Print server"/>
+    <param pos="0" name="os.device" value="Print Server"/>
     <param pos="1" name="os.product"/>
   </fingerprint>
@@ -5454,7 +5455,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>OKI FastEther8450e Rev.01.08 10/100BASE Ethernet PrintServer: Attached to B430 Rev.C2.00 : Copyright (c) 2008 Oki Data Corporation. All rights reserved.</example>
     <example>OKI FastEther8450e Rev.08.01 10/100BASE Ethernet PrintServer: Attached to C5650 Rev.M1.02 : Copyright (c) 2007 Oki Data Corporation. All rights reserved.</example>
     <param pos="0" name="os.vendor" value="Oki"/>
-    <param pos="0" name="os.device" value="Print server"/>
+    <param pos="0" name="os.device" value="Print Server"/>
     <param pos="1" name="os.product"/>
     <param pos="2" name="os.version"/>
   </fingerprint>
@@ -5645,7 +5646,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>Rectifier Technologies Pacific WebCSU 169-412 V1.30</example>
     <param pos="0" name="os.vendor" value="Rectifier Technologies"/>
     <param pos="0" name="os.family" value="RTP Power Controller"/>
-    <param pos="0" name="os.device" value="Power device"/>
+    <param pos="0" name="os.device" value="Power Device"/>
     <param pos="1" name="os.product"/>
     <param pos="2" name="os.version"/>
   </fingerprint>
@@ -5655,7 +5656,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>Rectifier SNMP Server</example>
     <param pos="0" name="os.vendor" value="Rectifier Technologies"/>
     <param pos="0" name="os.family" value="RTP Power Controller"/>
-    <param pos="0" name="os.device" value="Power device"/>
+    <param pos="0" name="os.device" value="Power Device"/>
     <param pos="0" name="os.product" value="WebCSU"/>
   </fingerprint>
@@ -6099,6 +6100,18 @@ Copyright (c) 1995-2005 by Cisco Systems
     <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
   </fingerprint>
+  <fingerprint pattern="^SonicWALL (\S+).*?\(SonicOS \S+ ((?:\d\.)+\d+-\d+[a-zA-Z]).*\)">
+    <description>SonicWall - SonicOS Enhanced variant without hardware model</description>
+    <example hw.product="SOHO" os.version="5.9.1.4-4o">SonicWALL SOHO (SonicOS Enhanced 5.9.1.4-4o)</example>
+    <example hw.product="SOHO" os.version="6.2.5.1-26n">SonicWALL SOHO wireless-N (SonicOS Enhanced 6.2.5.1-26n--HF175723-2n)</example>
+    <param pos="0" name="os.vendor" value="SonicWall"/>
+    <param pos="0" name="os.device" value="Firewall"/>
+    <param pos="0" name="os.product" value="SonicOS"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
+  </fingerprint>
   <fingerprint pattern="^SonicWALL (.*?)\s+\(([^\)]+)\)\s*$">
     <description>SonicWall</description>
     <example>SonicWALL StrongARM / 233 Mhz (PRO 200)</example>
@@ -6314,96 +6327,121 @@ Copyright (c) 1995-2005 by Cisco Systems
   <fingerprint pattern="^Siemens, SIMATIC HMI, ([^,]+),.*FW:\s*V([^,]+).*$">
     <description>Siemens HMI - firmware variant</description>
-    <example>Siemens, SIMATIC HMI, KTP1000 Basic PN, 6AV6 647-0AF11-3AX0, HW: 1, FW: V01.06.00, Revision: 1</example>
-    <example>Siemens, SIMATIC HMI, KTP600 Basic Mono PN, 6AV6647-0AB11-3AX0, HW:1, FW:V01.06.00</example>
+    <example hw.product="KTP1000 Basic PN">Siemens, SIMATIC HMI, KTP1000 Basic PN, 6AV6 647-0AF11-3AX0, HW: 1, FW: V01.06.00, Revision: 1</example>
+    <example hw.version="01.06.00">Siemens, SIMATIC HMI, KTP600 Basic Mono PN, 6AV6647-0AB11-3AX0, HW:1, FW:V01.06.00</example>
     <example>Siemens, SIMATIC HMI, KTP600 Basic color PN, 6AV6 647-0AD11-3AX0, HW:1, FW:V11.00.02.00</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
-    <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic HMI"/>
-    <param pos="1" name="os.product"/>
-    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="HMI Controller"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows CE"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:-"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic HMI"/>
+    <param pos="0" name="hw.device" value="HMI Controller"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
   </fingerprint>
   <fingerprint pattern="^Siemens, SIMATIC HMI, ([^,]+),.*SW:\s*V\s*(\d+ \d+ \d+).*$">
     <description>Siemens HMI</description>
-    <example>Siemens, SIMATIC HMI, MP177, 6AV6 642-0EA01-3AX0, HW: 0, SW: V 1 0 0</example>
-    <example>Siemens, SIMATIC HMI, TP177B, 6AV6 642-0BD01-3AX0, HW: 0, SW: V 1 0 2</example>
+    <example hw.product="MP177">Siemens, SIMATIC HMI, MP177, 6AV6 642-0EA01-3AX0, HW: 0, SW: V 1 0 0</example>
+    <example hw.version="1 0 2">Siemens, SIMATIC HMI, TP177B, 6AV6 642-0BD01-3AX0, HW: 0, SW: V 1 0 2</example>
     <example>Siemens, SIMATIC HMI, XP277, 6AV6 643-0CB01-1AX0, HW: 0, SW: V 1 1 2</example>
     <example>Siemens, SIMATIC HMI, unknown, 6AV2 124-0GC01-0AX0, HW: 0, SW: V 11 0 2</example>
     <example>Siemens, SIMATIC HMI, unknown, 6AV2 124-0JC01-0AX0, HW: 0, SW: V 11 0 0</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
-    <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic HMI"/>
-    <param pos="1" name="os.product"/>
-    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="HMI Controller"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows CE"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:-"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic HMI"/>
+    <param pos="0" name="hw.device" value="HMI Controller"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
   </fingerprint>
   <fingerprint pattern="^Siemens, SIMATIC NET, ([^,]+),.*FW:\s*(?:Version )?V?([^,]+).*$">
     <description>Siemens NET - verbose variant</description>
-    <example os.product="CP 343-1 Advanced" os.version="1.2.3">Siemens, SIMATIC NET, CP 343-1 Advanced, 6GK7 343-1GX30-0XE0, HW: Version 3, FW: Version V1.2.3, VPB9502953</example>
-    <example os.product="CP 343-1 Lean" os.version="2.6.0">Siemens, SIMATIC NET, CP 343-1 Lean, 6GK7 343-1CX10-0XE0, HW: Version 6, FW: Version V2.6.0, VPC3513639</example>
-    <example os.product="CP 343-1" os.version="2.2.20">Siemens, SIMATIC NET, CP 343-1, 6GK7 343-1EX30-0XE0, HW: Version 3, FW: Version V2.2.20, VPXN545808</example>
-    <example os.product="SCALANCE X204-2" os.version="4.01">Siemens, SIMATIC NET, SCALANCE X204-2, 6GK5 204-2BB10-2AA3, HW: 4, FW: V4.01</example>
-    <example os.product="Scalance S612" os.version="T03.00.00.00_25.00.00.01">Siemens, SIMATIC NET, Scalance S612, 6GK56120BA102AA3, HW: Version 6, FW: Version T03.00.00.00_25.00.00.01, VPB9542952</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
-    <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic NET"/>
-    <param pos="1" name="os.product"/>
-    <param pos="2" name="os.version"/>
+    <example hw.product="CP 343-1 Advanced" hw.version="1.2.3">Siemens, SIMATIC NET, CP 343-1 Advanced, 6GK7 343-1GX30-0XE0, HW: Version 3, FW: Version V1.2.3, VPB9502953</example>
+    <example hw.product="CP 343-1 Lean" hw.version="2.6.0">Siemens, SIMATIC NET, CP 343-1 Lean, 6GK7 343-1CX10-0XE0, HW: Version 6, FW: Version V2.6.0, VPC3513639</example>
+    <example hw.product="CP 343-1" hw.version="2.2.20">Siemens, SIMATIC NET, CP 343-1, 6GK7 343-1EX30-0XE0, HW: Version 3, FW: Version V2.2.20, VPXN545808</example>
+    <example hw.product="SCALANCE X204-2" hw.version="4.01">Siemens, SIMATIC NET, SCALANCE X204-2, 6GK5 204-2BB10-2AA3, HW: 4, FW: V4.01</example>
+    <example hw.product="Scalance S612" hw.version="T03.00.00.00_25.00.00.01">Siemens, SIMATIC NET, Scalance S612, 6GK56120BA102AA3, HW: Version 6, FW: Version T03.00.00.00_25.00.00.01, VPB9542952</example>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows 7"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic NET"/>
+    <param pos="0" name="hw.device" value="Monitoring"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
   </fingerprint>
   <fingerprint pattern="^Siemens, SIMATIC NET (\S+) FW V (\S+)$">
     <description>Siemens NET</description>
-    <example>Siemens, SIMATIC NET CP1613 FW V 06.33</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
-    <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic NET"/>
-    <param pos="1" name="os.product"/>
-    <param pos="2" name="os.version"/>
+    <example hw.product="CP1613" hw.version="06.33">Siemens, SIMATIC NET CP1613 FW V 06.33</example>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows 7"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic NET"/>
+    <param pos="0" name="hw.device" value="Monitoring"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
   </fingerprint>
   <fingerprint pattern="^Siemens, SIMATIC S7, ([^,]+), .*?FW: (?:Version )?V?\.?([^,]+).*$">
     <description>Siemens S7</description>
-    <example os.product="CPU-1200" os.version="2.0.2">Siemens, SIMATIC S7, CPU-1200, 6ES7 211-1BD30-0XB0, HW: 1, FW: V.2.0.2, SZVX8YU9000553</example>
-    <example os.product="CPU315-2 PN/DP" os.version="2.5.0">Siemens, SIMATIC S7, CPU315-2 PN/DP, 6ES7 315-2EH13-0AB0 , HW: 3, FW: V2.5.0, S C-V4P07826200</example>
-    <example os.product="IM151-8" os.version="3.2.3">Siemens, SIMATIC S7, IM151-8, 6ES7 151-8AB01-0AB0 , HW: 2, FW: V3.2.3, S C-B3UC78192011</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
-    <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic S7"/>
-    <param pos="1" name="os.product"/>
-    <param pos="2" name="os.version"/>
+    <example hw.product="CPU-1200" hw.version="2.0.2">Siemens, SIMATIC S7, CPU-1200, 6ES7 211-1BD30-0XB0, HW: 1, FW: V.2.0.2, SZVX8YU9000553</example>
+    <example hw.product="CPU315-2 PN/DP" hw.version="2.5.0">Siemens, SIMATIC S7, CPU315-2 PN/DP, 6ES7 315-2EH13-0AB0 , HW: 3, FW: V2.5.0, S C-V4P07826200</example>
+    <example hw.product="IM151-8" hw.version="3.2.3">Siemens, SIMATIC S7, IM151-8, 6ES7 151-8AB01-0AB0 , HW: 2, FW: V3.2.3, S C-B3UC78192011</example>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic S7"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
   </fingerprint>
   <fingerprint pattern="^Siemens, SIMATIC S7, ([^,]+), .*?, V\.([^,]+).*$">
     <description>Siemens S7 - variant 1</description>
-    <example>Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1BD30-0XB0 SZVA1YU6008610 , 1, V.1.0.1, SZVA1YU6008610</example>
-    <example>Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1HD30-0XB0 SZVA3YU7002312 , 1, V.1.0.1, SZVA3YU7002312</example>
+    <example hw.product="CPU-1200">Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1BD30-0XB0 SZVA1YU6008610 , 1, V.1.0.1, SZVA1YU6008610</example>
+    <example hw.version="1.0.1">Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1HD30-0XB0 SZVA3YU7002312 , 1, V.1.0.1, SZVA3YU7002312</example>
     <example>Siemens, SIMATIC S7, CPU-1200, 6ES7 214-1BE30-0XB0 SZVA2YYY007305 , 1, V.1.0.2, SZVA2YYY007305</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
-    <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic S7"/>
-    <param pos="1" name="os.product"/>
-    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic S7"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
   </fingerprint>
   <fingerprint pattern="^Siemens, SIMATIC, (\S+)$">
     <description>Siemens S7 - model only variant</description>
-    <example>Siemens, SIMATIC, S7-300</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
-    <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic S7"/>
-    <param pos="1" name="os.product"/>
+    <example hw.product="S7-300">Siemens, SIMATIC, S7-300</example>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic S7"/>
+    <param pos="1" name="hw.product"/>
   </fingerprint>
   <fingerprint pattern="^Siemens, SINUMERIK, solution line ([^,]+),.*?FW:V([^,]+).*$">
     <description>Siemens Sinumerik Solution Line</description>
-    <example>Siemens, SINUMERIK, solution line PCU50, , HW:1, FW:V00.00.00,</example>
-    <example>Siemens, SINUMERIK, solution line PCU50.3B-P 1GB XP, 6FC5210-0DF33-2AB0, HW:A, FW:V00.00.00, ST-BN2040231</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
+    <example hw.product="PCU50">Siemens, SINUMERIK, solution line PCU50, , HW:1, FW:V00.00.00,</example>
+    <example hw.version="00.00.00">Siemens, SINUMERIK, solution line PCU50.3B-P 1GB XP, 6FC5210-0DF33-2AB0, HW:A, FW:V00.00.00, ST-BN2040231</example>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic Sinumerik"/>
-    <param pos="1" name="os.product"/>
-    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows 10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10:-"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic Sinumerik"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
   </fingerprint>
   <fingerprint pattern="^Name:(ReliantUNIX)-. release:(\S+) version:(\S+) machine:(\S+)$">
@@ -6867,7 +6905,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>silex PocketPro 100s</example>
     <example>silex PocketPro 100s compatible with an HP JETDIRECT EX</example>
     <param pos="0" name="os.vendor" value="Troy"/>
-    <param pos="0" name="os.device" value="Print server"/>
+    <param pos="0" name="os.device" value="Print Server"/>
     <param pos="0" name="os.product" value="PocketPro"/>
   </fingerprint>
@@ -7150,7 +7188,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>ZebraNet PrintServer</example>
     <param pos="0" name="os.vendor" value="ZebraNet"/>
     <param pos="0" name="os.product" value="PrintServer"/>
-    <param pos="0" name="os.device" value="Print server"/>
+    <param pos="0" name="os.device" value="Print Server"/>
   </fingerprint>
   <!--======================================================================
@@ -7162,7 +7200,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>Prestige 645</example>
     <param pos="0" name="os.vendor" value="Zyxel"/>
     <param pos="0" name="os.product" value="Prestige 645"/>
-    <param pos="0" name="os.device" value="Broadband router"/>
+    <param pos="0" name="os.device" value="Broadband Router"/>
   </fingerprint>
   <fingerprint pattern="^Prestige 660HW-61$">
@@ -7194,7 +7232,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>Prestige 642R-13</example>
     <param pos="0" name="os.vendor" value="Zyxel"/>
     <param pos="0" name="os.product" value="Prestige 642R-13"/>
-    <param pos="0" name="os.device" value="Broadband router"/>
+    <param pos="0" name="os.device" value="Broadband Router"/>
   </fingerprint>
   <fingerprint pattern="^Prestige 660ME-61$">
@@ -7202,7 +7240,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>Prestige 660ME-61</example>
     <param pos="0" name="os.vendor" value="Zyxel"/>
     <param pos="0" name="os.product" value="Prestige 660ME-61"/>
-    <param pos="0" name="os.device" value="Broadband router"/>
+    <param pos="0" name="os.device" value="Broadband Router"/>
   </fingerprint>
   <fingerprint pattern="^Prestige 650R-T3$">
@@ -7210,7 +7248,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <example>Prestige 650R-T3</example>
     <param pos="0" name="os.vendor" value="Zyxel"/>
     <param pos="0" name="os.product" value="Prestige 650R-T3"/>
-    <param pos="0" name="os.device" value="Broadband router"/>
+    <param pos="0" name="os.device" value="Broadband Router"/>
   </fingerprint>
 </fingerprints>