recog 2.3.16 → 2.3.17

Sign up to get free protection for your applications and to get access to all the features.
@@ -1,3 +1,3 @@
1
1
  module Recog
2
- VERSION = '2.3.16'
2
+ VERSION = '2.3.17'
3
3
  end
@@ -1,2 +1,2 @@
1
- lxml==4.5.1
1
+ lxml==4.6.2
2
2
  pyyaml
@@ -1,10 +1,10 @@
1
1
  #!/usr/bin/env python
2
2
 
3
- import yaml
4
3
  import logging
5
4
  import re
6
5
  import sys
7
6
 
7
+ import yaml
8
8
  from lxml import etree
9
9
 
10
10
  def parse_r7_remapping(file):
@@ -20,9 +20,9 @@ def parse_cpe_vp_map(file):
20
20
  cpe_match = re.match('^cpe:/([aho]):([^:]+):([^:]+)', cpe_name)
21
21
  if cpe_match:
22
22
  cpe_type, vendor, product = cpe_match.group(1, 2, 3)
23
- if not cpe_type in vp_map:
23
+ if cpe_type not in vp_map:
24
24
  vp_map[cpe_type] = {}
25
- if not vendor in vp_map[cpe_type]:
25
+ if vendor not in vp_map[cpe_type]:
26
26
  vp_map[cpe_type][vendor] = set()
27
27
  product = product.replace('%2f', '/')
28
28
  vp_map[cpe_type][vendor].add(product)
@@ -34,12 +34,12 @@ def parse_cpe_vp_map(file):
34
34
  def main():
35
35
  if len(sys.argv) != 4:
36
36
  logging.critical("Expecting exactly 3 arguments; recog XML file, CPE 2.3 XML dictionary, JSON remapping, got %s", (len(sys.argv) - 1))
37
- exit(1)
37
+ sys.exit(1)
38
38
 
39
39
  cpe_vp_map = parse_cpe_vp_map(sys.argv[2])
40
40
  if not cpe_vp_map:
41
41
  logging.critical("No CPE vendor => product mappings read from CPE 2.3 XML dictionary %s", sys.argv[2])
42
- exit(1)
42
+ sys.exit(1)
43
43
 
44
44
  r7_vp_map = parse_r7_remapping(sys.argv[3])
45
45
  if not r7_vp_map:
@@ -47,6 +47,82 @@ def main():
47
47
 
48
48
  update_cpes(sys.argv[1], cpe_vp_map, r7_vp_map)
49
49
 
50
+ def lookup_cpe(vendor, product, cpe_type, cpe_table, remap):
51
+ """Identify the correct vendor and product values for a CPE
52
+
53
+ This function attempts to determine the correct CPE using vendor and product
54
+ values supplied by the caller as well as a remapping dictionary for mapping
55
+ these values to more correct values used by NIST.
56
+
57
+ For example, the remapping might tell us that a value of 'alpine' for the
58
+ vendor string should be 'aplinelinux' instead, or for product 'solaris'
59
+ should be 'sunos'.
60
+
61
+ This function should only emit values seen in the official NIST CPE list
62
+ which is provided to it in cpe_table.
63
+
64
+ Lookup priority:
65
+ 1. Original vendor / product
66
+ 2. Original vendor / remap product
67
+ 3. Remap vendor / original product
68
+ 4. Remap vendor / remap product
69
+
70
+ Args:
71
+ vendor (str): vendor name
72
+ product (str): product name
73
+ cpe_type (str): CPE type - o, a, h, etc.
74
+ cpe_table (dict): dict containing the official NIST CPE data
75
+ remap (dict): dict containing the remapping values
76
+ Returns:
77
+ success, vendor, product
78
+ """
79
+
80
+ if (
81
+ vendor in cpe_table[cpe_type]
82
+ and product in cpe_table[cpe_type][vendor]
83
+ ):
84
+ # Hot path, success with original values
85
+ return True, vendor, product
86
+
87
+ # Everything else depends on a remap of some sort.
88
+ # get the remappings for this one vendor string.
89
+ vendor_remap = remap.get(vendor, None)
90
+
91
+ if vendor_remap:
92
+ # If we have product remappings, work that angle next
93
+ possible_product = None
94
+ if (
95
+ vendor_remap.get('products', None)
96
+ and product in vendor_remap['products']
97
+ ):
98
+ possible_product = vendor_remap['products'][product]
99
+
100
+ if (vendor in cpe_table[cpe_type]
101
+ and possible_product
102
+ and possible_product in cpe_table[cpe_type][vendor]):
103
+ # Found original vendor, remap product
104
+ return True, vendor, possible_product
105
+
106
+ # Start working the process to find a match with a remapped vendor name
107
+ if vendor_remap.get('vendor', None):
108
+ new_vendor = vendor_remap['vendor']
109
+
110
+ if new_vendor in cpe_table[cpe_type]:
111
+
112
+ if product in cpe_table[cpe_type][new_vendor]:
113
+ # Found remap vendor, original product
114
+ return True, new_vendor, product
115
+
116
+ if possible_product and possible_product in cpe_table[cpe_type][new_vendor]:
117
+ # Found remap vendor, remap product
118
+ return True, new_vendor, possible_product
119
+
120
+
121
+ logging.error("Product %s from vendor %s invalid for CPE %s and no mapping",
122
+ product, vendor, cpe_type)
123
+ return False, None, None
124
+
125
+
50
126
  def update_cpes(xml_file, cpe_vp_map, r7_vp_map):
51
127
  parser = etree.XMLParser(remove_comments=False, remove_blank_text=True)
52
128
  doc = etree.parse(xml_file, parser)
@@ -121,44 +197,16 @@ def update_cpes(xml_file, cpe_vp_map, r7_vp_map):
121
197
  if (vendor.startswith('{') and vendor.endswith('}')) or (product.startswith('{') and product.endswith('}')):
122
198
  continue
123
199
 
124
- remapped_vendor = False
125
- og_vendor = vendor
126
- if not vendor in cpe_vp_map[cpe_type]:
127
- if vendor in r7_vp_map:
128
- vendor = r7_vp_map[vendor]['vendor']
129
- remapped_vendor = True
130
- if not vendor in cpe_vp_map[cpe_type]:
131
- logging.error("Remapped vendor %s (remapped from %s) invalid for CPE %s (product %s)", vendor, og_vendor, cpe_type, product)
132
- continue
133
- else:
134
- logging.error("Vendor %s invalid for CPE %s and no remapping (product %s)", vendor, cpe_type, product)
135
- continue
136
-
137
-
138
- # if the product as specified is not found in the CPE dictionary for this vendor
139
- if not product in cpe_vp_map[cpe_type][vendor]:
140
- # if this vendor has a remapping from R7
141
- if og_vendor in r7_vp_map and 'products' in r7_vp_map[og_vendor]:
142
- # if this product has a remapping for this vendor from R7
143
- if product in r7_vp_map[og_vendor]['products']:
144
- og_product = product
145
- product = r7_vp_map[og_vendor]['products'][product]
146
- # ensure that the remapped product is valid for the given vendor in CPE
147
- if not product in cpe_vp_map[cpe_type][vendor]:
148
- logging.error("Remapped product %s (remapped from %s) from vendor %s invalid for CPE %s", product, og_product, vendor, cpe_type)
149
- continue
150
- else:
151
- if remapped_vendor:
152
- logging.error("Product %s from vendor %s (remapped from %s) invalid for CPE %s and no mapping", product, vendor, og_vendor, cpe_type)
153
- else:
154
- logging.error("Product %s from vendor %s invalid for CPE %s and no mapping", product, vendor, cpe_type)
155
- continue
156
- else:
157
- if remapped_vendor:
158
- logging.error("Vendor %s (remapped from %s) is valid for CPE %s but product %s not valid and no mapping", vendor, og_vendor, cpe_type, product)
159
- else:
160
- logging.error("Vendor %s is valid for CPE %s but product %s not valid and no mapping", vendor, cpe_type, product)
161
- continue
200
+ success, vendor, product = lookup_cpe(vendor, product, cpe_type, cpe_vp_map, r7_vp_map)
201
+ if not success:
202
+ continue
203
+
204
+ # Sanity check the value to ensure that no invalid values will
205
+ # slip in due to logic or mapping bugs.
206
+ # If it's not in the official NIST list then log it and kick it out
207
+ if product not in cpe_vp_map[cpe_type][vendor]:
208
+ logging.error("Invalid CPE type %s created for vendor %s and product %s. This may be due to an invalid mapping.", cpe_type, vendor, product)
209
+ continue
162
210
 
163
211
  # building the CPE string
164
212
  # Last minute escaping of '/'
@@ -185,5 +233,5 @@ def update_cpes(xml_file, cpe_vp_map, r7_vp_map):
185
233
  xml_out.write(etree.tostring(root, pretty_print=True, xml_declaration=True, encoding=doc.docinfo.encoding))
186
234
 
187
235
  if __name__ == '__main__':
188
- try: exit(main())
236
+ try: sys.exit(main())
189
237
  except KeyboardInterrupt: pass
@@ -761,6 +761,21 @@
761
761
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:Service Pack 1"/>
762
762
  </fingerprint>
763
763
 
764
+ <fingerprint pattern="^Microsoft DNS 5.2.3790(?: \(([^)]+)\))?$">
765
+ <description>Microsoft DNS on Windows 2003</description>
766
+ <example service.version.version="ECE135D">Microsoft DNS 5.2.3790 (ECE135D)</example>
767
+ <param pos="0" name="service.vendor" value="Microsoft"/>
768
+ <param pos="0" name="service.family" value="DNS"/>
769
+ <param pos="0" name="service.product" value="DNS"/>
770
+ <param pos="0" name="service.version" value="5.2.3790"/>
771
+ <param pos="1" name="service.version.version"/>
772
+ <param pos="0" name="os.vendor" value="Microsoft"/>
773
+ <param pos="0" name="os.family" value="Windows"/>
774
+ <param pos="0" name="os.product" value="Windows Server 2003"/>
775
+ <param pos="0" name="os.build" value="5.2.3790"/>
776
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
777
+ </fingerprint>
778
+
764
779
  <fingerprint pattern="^DNSServer$">
765
780
  <description>Synology DNS service</description>
766
781
  <example>DNSServer</example>
@@ -21,6 +21,7 @@
21
21
  <param pos="0" name="service.vendor" value="Munin"/>
22
22
  <param pos="0" name="service.product" value="Munin"/>
23
23
  <param pos="0" name="service.certainty" value="0.5"/>
24
+ <param pos="0" name="service.cpe23" value="cpe:/a:munin-monitoring:munin:-"/>
24
25
  </fingerprint>
25
26
 
26
27
  <fingerprint pattern="^ce849e0d986f73c97aa81290c2052164$">
@@ -57,6 +58,7 @@
57
58
  <param pos="0" name="service.vendor" value="Drupal"/>
58
59
  <param pos="0" name="service.product" value="CMS"/>
59
60
  <param pos="0" name="service.certainty" value="0.5"/>
61
+ <param pos="0" name="service.cpe23" value="cpe:/a:drupal:drupal:-"/>
60
62
  </fingerprint>
61
63
 
62
64
  <fingerprint pattern="^91b72b23e7f499d6c09cb18c7b1278f1$">
@@ -65,6 +67,7 @@
65
67
  <param pos="0" name="service.vendor" value="Kodi"/>
66
68
  <param pos="0" name="service.product" value="Media Server"/>
67
69
  <param pos="0" name="service.certainty" value="0.5"/>
70
+ <param pos="0" name="service.cpe23" value="cpe:/a:kodi:kodi:-"/>
68
71
  </fingerprint>
69
72
 
70
73
  <fingerprint pattern="^d403850756671a93ca205b8128140494$">
@@ -111,8 +114,9 @@
111
114
  <description>Moodle</description>
112
115
  <example>135aed33c0a7b8f44f0227a71b9ce345</example>
113
116
  <param pos="0" name="service.vendor" value="Moodle"/>
114
- <param pos="0" name="service.product" value="Moodle CMS"/>
117
+ <param pos="0" name="service.product" value="Moodle"/>
115
118
  <param pos="0" name="service.certainty" value="0.5"/>
119
+ <param pos="0" name="service.cpe23" value="cpe:/a:moodle:moodle:-"/>
116
120
  </fingerprint>
117
121
 
118
122
  <fingerprint pattern="^23ab9cf3907dfc3b047d8b14e7303d0d$">
@@ -146,6 +150,7 @@
146
150
  <param pos="0" name="service.vendor" value="ownCloud"/>
147
151
  <param pos="0" name="service.product" value="ownCloud Server"/>
148
152
  <param pos="0" name="service.certainty" value="0.5"/>
153
+ <param pos="0" name="service.cpe23" value="cpe:/a:owncloud:owncloud:-"/>
149
154
  </fingerprint>
150
155
 
151
156
  <fingerprint pattern="^da897184fba34d5fe72148963f42b577$">
@@ -168,8 +173,10 @@
168
173
  <description>Metasploit Pro</description>
169
174
  <example>08ff173efec0750dd29ac7f44d972427</example>
170
175
  <param pos="0" name="service.vendor" value="Rapid7"/>
171
- <param pos="0" name="service.product" value="Metasploit Pro"/>
176
+ <param pos="0" name="service.product" value="Metasploit"/>
177
+ <param pos="0" name="service.edition" value="Pro"/>
172
178
  <param pos="0" name="service.certainty" value="0.5"/>
179
+ <param pos="0" name="service.cpe23" value="cpe:/a:rapid7:metasploit:-"/>
173
180
  </fingerprint>
174
181
 
175
182
  <fingerprint pattern="^23671ccca2849ae58d1b04c218013382$">
@@ -236,8 +243,9 @@
236
243
  <description>Swagger UI</description>
237
244
  <example>f983f318b0f0dff7a9303973f36ec45a</example>
238
245
  <param pos="0" name="service.vendor" value="Swagger"/>
239
- <param pos="0" name="service.product" value="UI"/>
246
+ <param pos="0" name="service.product" value="Swagger UI"/>
240
247
  <param pos="0" name="service.certainty" value="0.5"/>
248
+ <param pos="0" name="service.cpe23" value="cpe:/a:smartbear:swagger_ui:-"/>
241
249
  </fingerprint>
242
250
 
243
251
  <fingerprint pattern="^1c4201c7da53d6c7e48251d3a9680449$">
@@ -272,6 +280,7 @@
272
280
  <param pos="0" name="service.vendor" value="Progress"/>
273
281
  <param pos="0" name="service.product" value="OpenEdge Explorer"/>
274
282
  <param pos="0" name="service.certainty" value="0.5"/>
283
+ <param pos="0" name="service.cpe23" value="cpe:/a:progress:openedge:-"/>
275
284
  </fingerprint>
276
285
 
277
286
  <fingerprint pattern="^297a81069094d00a052733d3a0537d18$">
@@ -280,6 +289,7 @@
280
289
  <param pos="0" name="service.vendor" value="CrushFTP"/>
281
290
  <param pos="0" name="service.product" value="CrushFTP Web Interface"/>
282
291
  <param pos="0" name="service.certainty" value="0.5"/>
292
+ <param pos="0" name="service.cpe23" value="cpe:/a:crushftp:crushftp:-"/>
283
293
  </fingerprint>
284
294
 
285
295
  <fingerprint pattern="^f7728520c81b7a303d8e54d282e13a16$">
@@ -413,7 +423,7 @@
413
423
  <example>5856edf7bcbea0817312d9e535e5eb2a</example>
414
424
  <example>f4f3cb900258441d5dbc9105b7ab9b44</example>
415
425
  <example>c6acedaff906029fc5455d9ec52c7f42</example>
416
- <param pos="0" name="service.vendor" value="VMWare"/>
426
+ <param pos="0" name="service.vendor" value="VMware"/>
417
427
  <param pos="0" name="service.product" value="Horizon"/>
418
428
  <param pos="0" name="service.certainty" value="0.5"/>
419
429
  <param pos="0" name="service.cpe23" value="cpe:/a:vmware:horizon:-"/>
@@ -501,6 +511,7 @@
501
511
  <param pos="0" name="service.vendor" value="Lynx Technology"/>
502
512
  <param pos="0" name="service.product" value="Twonky Media Server"/>
503
513
  <param pos="0" name="service.certainty" value="0.5"/>
514
+ <param pos="0" name="service.cpe23" value="cpe:/a:lynxtechnology:twonky_server:-"/>
504
515
  </fingerprint>
505
516
 
506
517
  <fingerprint pattern="^d14310fffe94d78c0da0c8fadb993f78$">
@@ -958,7 +969,7 @@
958
969
  <description>D-Link Network Camera</description>
959
970
  <example>842c79ab11f38323fc554afbea5c990a</example>
960
971
  <param pos="0" name="hw.vendor" value="D-Link"/>
961
- <param pos="0" name="hw.device" value="Web cam"/>
972
+ <param pos="0" name="hw.device" value="IP Camera"/>
962
973
  <param pos="0" name="hw.product" value="DCS-932"/>
963
974
  <param pos="0" name="os.certainty" value="0.5"/>
964
975
  </fingerprint>
@@ -970,15 +981,21 @@
970
981
  <param pos="0" name="os.family" value="Linux"/>
971
982
  <param pos="0" name="os.product" value="EdgeOS"/>
972
983
  <param pos="0" name="os.certainty" value="0.5"/>
984
+ <param pos="0" name="os.cpe23" value="cpe:/o:ui:edgeos:-"/>
973
985
  <param pos="0" name="hw.vendor" value="Ubiquiti"/>
974
986
  <param pos="0" name="hw.product" value="EdgeSwitch"/>
975
987
  <param pos="0" name="hw.certainty" value="0.5"/>
988
+ <param pos="0" name="hw.cpe23" value="cpe:/h:ui:edgeswitch:-"/>
976
989
  </fingerprint>
977
990
 
978
991
  <fingerprint pattern="^(?:7da8813873190b6e3d7d8957d798bd1e|31ccf4e22ba33dbec54cc357a43a36d3)$">
979
992
  <description>OpenMediaVault</description>
980
993
  <example>7da8813873190b6e3d7d8957d798bd1e</example>
981
994
  <example>31ccf4e22ba33dbec54cc357a43a36d3</example>
995
+ <param pos="0" name="service.vendor" value="OpenMediaVault"/>
996
+ <param pos="0" name="service.product" value="OpenMediaVault"/>
997
+ <param pos="0" name="service.certainty" value="0.5"/>
998
+ <param pos="0" name="service.cpe23" value="cpe:/a:openmediavault:openmediavault:-"/>
982
999
  <param pos="0" name="os.vendor" value="OpenMediaVault"/>
983
1000
  <param pos="0" name="os.family" value="Linux"/>
984
1001
  <param pos="0" name="os.product" value="OpenMediaVault"/>
@@ -990,11 +1007,11 @@
990
1007
  <description>ELAN Network Camera</description>
991
1008
  <example>9dac0d6bad34f38552361f3a3b5bab16</example>
992
1009
  <param pos="0" name="hw.vendor" value="ELAN"/>
993
- <param pos="0" name="hw.device" value="Web cam"/>
1010
+ <param pos="0" name="hw.device" value="IP Camera"/>
994
1011
  <param pos="0" name="hw.product" value="HDIPCam"/>
995
1012
  <param pos="0" name="hw.certainty" value="0.5"/>
996
1013
  <param pos="0" name="os.vendor" value="ELAN"/>
997
- <param pos="0" name="os.device" value="Web cam"/>
1014
+ <param pos="0" name="os.device" value="IP Camera"/>
998
1015
  <param pos="0" name="os.family" value="Linux"/>
999
1016
  <param pos="0" name="os.certainty" value="0.5"/>
1000
1017
  </fingerprint>
@@ -1024,7 +1041,7 @@
1024
1041
  <description>Genetec AutoVu SharpV ALPR Camera</description>
1025
1042
  <example>979d9a884c322862e6830f61e2c378e6</example>
1026
1043
  <param pos="0" name="hw.vendor" value="Genetec"/>
1027
- <param pos="0" name="hw.device" value="Web cam"/>
1044
+ <param pos="0" name="hw.device" value="IP Camera"/>
1028
1045
  <param pos="0" name="hw.product" value="AutoVu SharpV"/>
1029
1046
  <param pos="0" name="hw.certainty" value="0.5"/>
1030
1047
  </fingerprint>
@@ -1048,7 +1065,7 @@
1048
1065
  <description>IQinVision IQeye Network Camera</description>
1049
1066
  <example>665f96fcdcc9da0ab89312acc02fa815</example>
1050
1067
  <param pos="0" name="hw.vendor" value="IQinVision"/>
1051
- <param pos="0" name="hw.device" value="Web cam"/>
1068
+ <param pos="0" name="hw.device" value="IP Camera"/>
1052
1069
  <param pos="0" name="hw.certainty" value="0.5"/>
1053
1070
  </fingerprint>
1054
1071
 
@@ -1141,6 +1158,10 @@
1141
1158
  <example>af13b379bdb4ae7a5e68d9aa4419b2e4</example>
1142
1159
  <example>cd844ad9671131f5464458a2ef58b7bc</example>
1143
1160
  <example>c32e2dc4d7caedd5cefc9d44cc4f62ec</example>
1161
+ <param pos="0" name="service.vendor" value="Cisco"/>
1162
+ <param pos="0" name="service.product" value="APIC"/>
1163
+ <param pos="0" name="service.certainty" value="0.5"/>
1164
+ <param pos="0" name="service.cpe23" value="cpe:/a:cisco:application_policy_infrastructure_controller:-"/>
1144
1165
  <param pos="0" name="hw.vendor" value="Cisco"/>
1145
1166
  <param pos="0" name="hw.product" value="APIC"/>
1146
1167
  <param pos="0" name="hw.device" value="Network Appliance"/>
@@ -1204,7 +1225,7 @@
1204
1225
  <description>ServerTech Sentry Switched CDU</description>
1205
1226
  <example>b56508cc967af50baddfd69596901dab</example>
1206
1227
  <param pos="0" name="hw.vendor" value="ServerTech"/>
1207
- <param pos="0" name="hw.device" value="Power device"/>
1228
+ <param pos="0" name="hw.device" value="Power Device"/>
1208
1229
  <param pos="0" name="hw.product" value="Sentry Switched CDU"/>
1209
1230
  <param pos="0" name="hw.certainty" value="0.5"/>
1210
1231
  </fingerprint>
@@ -1232,7 +1253,7 @@
1232
1253
  <param pos="0" name="os.product" value="Linux"/>
1233
1254
  <param pos="0" name="os.certainty" value="0.5"/>
1234
1255
  <param pos="0" name="hw.vendor" value="TRENDnet"/>
1235
- <param pos="0" name="hw.device" value="Web Cam"/>
1256
+ <param pos="0" name="hw.device" value="IP Camera"/>
1236
1257
  <param pos="0" name="hw.product" value="IP Camera"/>
1237
1258
  <param pos="0" name="hw.certainty" value="0.5"/>
1238
1259
  </fingerprint>
@@ -1240,7 +1261,7 @@
1240
1261
  <fingerprint pattern="^89167393768668c72fab6a9f025b5da6$">
1241
1262
  <description>APC Power Device</description>
1242
1263
  <example>89167393768668c72fab6a9f025b5da6</example>
1243
- <param pos="0" name="hw.device" value="Power device"/>
1264
+ <param pos="0" name="hw.device" value="Power Device"/>
1244
1265
  <param pos="0" name="hw.vendor" value="APC"/>
1245
1266
  </fingerprint>
1246
1267
 
@@ -1290,10 +1311,10 @@
1290
1311
  <description>Axis Network Camera</description>
1291
1312
  <example>a3fd8705f010b90e37d42128000f620b</example>
1292
1313
  <param pos="0" name="hw.vendor" value="AXIS"/>
1293
- <param pos="0" name="hw.device" value="Web cam"/>
1314
+ <param pos="0" name="hw.device" value="IP Camera"/>
1294
1315
  <param pos="0" name="hw.certainty" value="0.5"/>
1295
1316
  <param pos="0" name="os.vendor" value="AXIS"/>
1296
- <param pos="0" name="os.device" value="Web cam"/>
1317
+ <param pos="0" name="os.device" value="IP Camera"/>
1297
1318
  <param pos="0" name="os.family" value="Linux"/>
1298
1319
  <param pos="0" name="os.product" value="Linux"/>
1299
1320
  <param pos="0" name="os.certainty" value="0.5"/>
@@ -1417,7 +1438,7 @@
1417
1438
  <fingerprint pattern="^efe29d50711d9b093d8187e97cc0e593$">
1418
1439
  <description>Panduit PDU</description>
1419
1440
  <example>efe29d50711d9b093d8187e97cc0e593</example>
1420
- <param pos="0" name="hw.device" value="Power device"/>
1441
+ <param pos="0" name="hw.device" value="Power Device"/>
1421
1442
  <param pos="0" name="hw.vendor" value="Panduit"/>
1422
1443
  <param pos="0" name="hw.certainty" value="0.25"/>
1423
1444
  </fingerprint>
@@ -1426,7 +1447,7 @@
1426
1447
  <description>ScienceLogic EM7</description>
1427
1448
  <example>6eb3dbf248df10d70eab44dbf836cb77</example>
1428
1449
  <param pos="0" name="hw.vendor" value="Science Logic"/>
1429
- <param pos="0" name="hw.device" value="Network Management"/>
1450
+ <param pos="0" name="hw.device" value="Network Management Device"/>
1430
1451
  <param pos="0" name="hw.product" value="EM7"/>
1431
1452
  <param pos="0" name="hw.certainty" value="0.5"/>
1432
1453
  </fingerprint>
@@ -1495,6 +1516,7 @@
1495
1516
  <param pos="0" name="os.family" value="Linux"/>
1496
1517
  <param pos="0" name="os.product" value="EdgeOS"/>
1497
1518
  <param pos="0" name="os.certainty" value="0.5"/>
1519
+ <param pos="0" name="os.cpe23" value="cpe:/o:ui:edgeos:-"/>
1498
1520
  <param pos="0" name="hw.vendor" value="Ubiquiti"/>
1499
1521
  <param pos="0" name="hw.device" value="Router"/>
1500
1522
  <param pos="0" name="hw.certainty" value="0.25"/>
@@ -1584,7 +1606,7 @@
1584
1606
  <description>Mobotix Network Camera</description>
1585
1607
  <example>d9526978908979fa5018db0bcc762aa0</example>
1586
1608
  <param pos="0" name="hw.vendor" value="Mobotix"/>
1587
- <param pos="0" name="hw.device" value="Web cam"/>
1609
+ <param pos="0" name="hw.device" value="IP Camera"/>
1588
1610
  <param pos="0" name="hw.product" value="IP Camera"/>
1589
1611
  <param pos="0" name="hw.certainty" value="0.5"/>
1590
1612
  </fingerprint>
@@ -1673,6 +1695,7 @@
1673
1695
  <param pos="0" name="os.product" value="DD OS"/>
1674
1696
  <param pos="0" name="os.device" value="Storage"/>
1675
1697
  <param pos="0" name="os.certainty" value="0.5"/>
1698
+ <param pos="0" name="os.cpe23" value="cpe:/o:dell:emc_data_domain_os:-"/>
1676
1699
  <param pos="0" name="hw.vendor" value="Data Domain"/>
1677
1700
  <param pos="0" name="hw.product" value="DD OS"/>
1678
1701
  <param pos="0" name="hw.device" value="Storage"/>