recog 2.3.16 → 2.3.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,3 +1,3 @@
1
1
  module Recog
2
- VERSION = '2.3.16'
2
+ VERSION = '2.3.17'
3
3
  end
@@ -1,2 +1,2 @@
1
- lxml==4.5.1
1
+ lxml==4.6.2
2
2
  pyyaml
@@ -1,10 +1,10 @@
1
1
  #!/usr/bin/env python
2
2
 
3
- import yaml
4
3
  import logging
5
4
  import re
6
5
  import sys
7
6
 
7
+ import yaml
8
8
  from lxml import etree
9
9
 
10
10
  def parse_r7_remapping(file):
@@ -20,9 +20,9 @@ def parse_cpe_vp_map(file):
20
20
  cpe_match = re.match('^cpe:/([aho]):([^:]+):([^:]+)', cpe_name)
21
21
  if cpe_match:
22
22
  cpe_type, vendor, product = cpe_match.group(1, 2, 3)
23
- if not cpe_type in vp_map:
23
+ if cpe_type not in vp_map:
24
24
  vp_map[cpe_type] = {}
25
- if not vendor in vp_map[cpe_type]:
25
+ if vendor not in vp_map[cpe_type]:
26
26
  vp_map[cpe_type][vendor] = set()
27
27
  product = product.replace('%2f', '/')
28
28
  vp_map[cpe_type][vendor].add(product)
@@ -34,12 +34,12 @@ def parse_cpe_vp_map(file):
34
34
  def main():
35
35
  if len(sys.argv) != 4:
36
36
  logging.critical("Expecting exactly 3 arguments; recog XML file, CPE 2.3 XML dictionary, JSON remapping, got %s", (len(sys.argv) - 1))
37
- exit(1)
37
+ sys.exit(1)
38
38
 
39
39
  cpe_vp_map = parse_cpe_vp_map(sys.argv[2])
40
40
  if not cpe_vp_map:
41
41
  logging.critical("No CPE vendor => product mappings read from CPE 2.3 XML dictionary %s", sys.argv[2])
42
- exit(1)
42
+ sys.exit(1)
43
43
 
44
44
  r7_vp_map = parse_r7_remapping(sys.argv[3])
45
45
  if not r7_vp_map:
@@ -47,6 +47,82 @@ def main():
47
47
 
48
48
  update_cpes(sys.argv[1], cpe_vp_map, r7_vp_map)
49
49
 
50
+ def lookup_cpe(vendor, product, cpe_type, cpe_table, remap):
51
+ """Identify the correct vendor and product values for a CPE
52
+
53
+ This function attempts to determine the correct CPE using vendor and product
54
+ values supplied by the caller as well as a remapping dictionary for mapping
55
+ these values to more correct values used by NIST.
56
+
57
+ For example, the remapping might tell us that a value of 'alpine' for the
58
+ vendor string should be 'aplinelinux' instead, or for product 'solaris'
59
+ should be 'sunos'.
60
+
61
+ This function should only emit values seen in the official NIST CPE list
62
+ which is provided to it in cpe_table.
63
+
64
+ Lookup priority:
65
+ 1. Original vendor / product
66
+ 2. Original vendor / remap product
67
+ 3. Remap vendor / original product
68
+ 4. Remap vendor / remap product
69
+
70
+ Args:
71
+ vendor (str): vendor name
72
+ product (str): product name
73
+ cpe_type (str): CPE type - o, a, h, etc.
74
+ cpe_table (dict): dict containing the official NIST CPE data
75
+ remap (dict): dict containing the remapping values
76
+ Returns:
77
+ success, vendor, product
78
+ """
79
+
80
+ if (
81
+ vendor in cpe_table[cpe_type]
82
+ and product in cpe_table[cpe_type][vendor]
83
+ ):
84
+ # Hot path, success with original values
85
+ return True, vendor, product
86
+
87
+ # Everything else depends on a remap of some sort.
88
+ # get the remappings for this one vendor string.
89
+ vendor_remap = remap.get(vendor, None)
90
+
91
+ if vendor_remap:
92
+ # If we have product remappings, work that angle next
93
+ possible_product = None
94
+ if (
95
+ vendor_remap.get('products', None)
96
+ and product in vendor_remap['products']
97
+ ):
98
+ possible_product = vendor_remap['products'][product]
99
+
100
+ if (vendor in cpe_table[cpe_type]
101
+ and possible_product
102
+ and possible_product in cpe_table[cpe_type][vendor]):
103
+ # Found original vendor, remap product
104
+ return True, vendor, possible_product
105
+
106
+ # Start working the process to find a match with a remapped vendor name
107
+ if vendor_remap.get('vendor', None):
108
+ new_vendor = vendor_remap['vendor']
109
+
110
+ if new_vendor in cpe_table[cpe_type]:
111
+
112
+ if product in cpe_table[cpe_type][new_vendor]:
113
+ # Found remap vendor, original product
114
+ return True, new_vendor, product
115
+
116
+ if possible_product and possible_product in cpe_table[cpe_type][new_vendor]:
117
+ # Found remap vendor, remap product
118
+ return True, new_vendor, possible_product
119
+
120
+
121
+ logging.error("Product %s from vendor %s invalid for CPE %s and no mapping",
122
+ product, vendor, cpe_type)
123
+ return False, None, None
124
+
125
+
50
126
  def update_cpes(xml_file, cpe_vp_map, r7_vp_map):
51
127
  parser = etree.XMLParser(remove_comments=False, remove_blank_text=True)
52
128
  doc = etree.parse(xml_file, parser)
@@ -121,44 +197,16 @@ def update_cpes(xml_file, cpe_vp_map, r7_vp_map):
121
197
  if (vendor.startswith('{') and vendor.endswith('}')) or (product.startswith('{') and product.endswith('}')):
122
198
  continue
123
199
 
124
- remapped_vendor = False
125
- og_vendor = vendor
126
- if not vendor in cpe_vp_map[cpe_type]:
127
- if vendor in r7_vp_map:
128
- vendor = r7_vp_map[vendor]['vendor']
129
- remapped_vendor = True
130
- if not vendor in cpe_vp_map[cpe_type]:
131
- logging.error("Remapped vendor %s (remapped from %s) invalid for CPE %s (product %s)", vendor, og_vendor, cpe_type, product)
132
- continue
133
- else:
134
- logging.error("Vendor %s invalid for CPE %s and no remapping (product %s)", vendor, cpe_type, product)
135
- continue
136
-
137
-
138
- # if the product as specified is not found in the CPE dictionary for this vendor
139
- if not product in cpe_vp_map[cpe_type][vendor]:
140
- # if this vendor has a remapping from R7
141
- if og_vendor in r7_vp_map and 'products' in r7_vp_map[og_vendor]:
142
- # if this product has a remapping for this vendor from R7
143
- if product in r7_vp_map[og_vendor]['products']:
144
- og_product = product
145
- product = r7_vp_map[og_vendor]['products'][product]
146
- # ensure that the remapped product is valid for the given vendor in CPE
147
- if not product in cpe_vp_map[cpe_type][vendor]:
148
- logging.error("Remapped product %s (remapped from %s) from vendor %s invalid for CPE %s", product, og_product, vendor, cpe_type)
149
- continue
150
- else:
151
- if remapped_vendor:
152
- logging.error("Product %s from vendor %s (remapped from %s) invalid for CPE %s and no mapping", product, vendor, og_vendor, cpe_type)
153
- else:
154
- logging.error("Product %s from vendor %s invalid for CPE %s and no mapping", product, vendor, cpe_type)
155
- continue
156
- else:
157
- if remapped_vendor:
158
- logging.error("Vendor %s (remapped from %s) is valid for CPE %s but product %s not valid and no mapping", vendor, og_vendor, cpe_type, product)
159
- else:
160
- logging.error("Vendor %s is valid for CPE %s but product %s not valid and no mapping", vendor, cpe_type, product)
161
- continue
200
+ success, vendor, product = lookup_cpe(vendor, product, cpe_type, cpe_vp_map, r7_vp_map)
201
+ if not success:
202
+ continue
203
+
204
+ # Sanity check the value to ensure that no invalid values will
205
+ # slip in due to logic or mapping bugs.
206
+ # If it's not in the official NIST list then log it and kick it out
207
+ if product not in cpe_vp_map[cpe_type][vendor]:
208
+ logging.error("Invalid CPE type %s created for vendor %s and product %s. This may be due to an invalid mapping.", cpe_type, vendor, product)
209
+ continue
162
210
 
163
211
  # building the CPE string
164
212
  # Last minute escaping of '/'
@@ -185,5 +233,5 @@ def update_cpes(xml_file, cpe_vp_map, r7_vp_map):
185
233
  xml_out.write(etree.tostring(root, pretty_print=True, xml_declaration=True, encoding=doc.docinfo.encoding))
186
234
 
187
235
  if __name__ == '__main__':
188
- try: exit(main())
236
+ try: sys.exit(main())
189
237
  except KeyboardInterrupt: pass
@@ -761,6 +761,21 @@
761
761
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:Service Pack 1"/>
762
762
  </fingerprint>
763
763
 
764
+ <fingerprint pattern="^Microsoft DNS 5.2.3790(?: \(([^)]+)\))?$">
765
+ <description>Microsoft DNS on Windows 2003</description>
766
+ <example service.version.version="ECE135D">Microsoft DNS 5.2.3790 (ECE135D)</example>
767
+ <param pos="0" name="service.vendor" value="Microsoft"/>
768
+ <param pos="0" name="service.family" value="DNS"/>
769
+ <param pos="0" name="service.product" value="DNS"/>
770
+ <param pos="0" name="service.version" value="5.2.3790"/>
771
+ <param pos="1" name="service.version.version"/>
772
+ <param pos="0" name="os.vendor" value="Microsoft"/>
773
+ <param pos="0" name="os.family" value="Windows"/>
774
+ <param pos="0" name="os.product" value="Windows Server 2003"/>
775
+ <param pos="0" name="os.build" value="5.2.3790"/>
776
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
777
+ </fingerprint>
778
+
764
779
  <fingerprint pattern="^DNSServer$">
765
780
  <description>Synology DNS service</description>
766
781
  <example>DNSServer</example>
@@ -21,6 +21,7 @@
21
21
  <param pos="0" name="service.vendor" value="Munin"/>
22
22
  <param pos="0" name="service.product" value="Munin"/>
23
23
  <param pos="0" name="service.certainty" value="0.5"/>
24
+ <param pos="0" name="service.cpe23" value="cpe:/a:munin-monitoring:munin:-"/>
24
25
  </fingerprint>
25
26
 
26
27
  <fingerprint pattern="^ce849e0d986f73c97aa81290c2052164$">
@@ -57,6 +58,7 @@
57
58
  <param pos="0" name="service.vendor" value="Drupal"/>
58
59
  <param pos="0" name="service.product" value="CMS"/>
59
60
  <param pos="0" name="service.certainty" value="0.5"/>
61
+ <param pos="0" name="service.cpe23" value="cpe:/a:drupal:drupal:-"/>
60
62
  </fingerprint>
61
63
 
62
64
  <fingerprint pattern="^91b72b23e7f499d6c09cb18c7b1278f1$">
@@ -65,6 +67,7 @@
65
67
  <param pos="0" name="service.vendor" value="Kodi"/>
66
68
  <param pos="0" name="service.product" value="Media Server"/>
67
69
  <param pos="0" name="service.certainty" value="0.5"/>
70
+ <param pos="0" name="service.cpe23" value="cpe:/a:kodi:kodi:-"/>
68
71
  </fingerprint>
69
72
 
70
73
  <fingerprint pattern="^d403850756671a93ca205b8128140494$">
@@ -111,8 +114,9 @@
111
114
  <description>Moodle</description>
112
115
  <example>135aed33c0a7b8f44f0227a71b9ce345</example>
113
116
  <param pos="0" name="service.vendor" value="Moodle"/>
114
- <param pos="0" name="service.product" value="Moodle CMS"/>
117
+ <param pos="0" name="service.product" value="Moodle"/>
115
118
  <param pos="0" name="service.certainty" value="0.5"/>
119
+ <param pos="0" name="service.cpe23" value="cpe:/a:moodle:moodle:-"/>
116
120
  </fingerprint>
117
121
 
118
122
  <fingerprint pattern="^23ab9cf3907dfc3b047d8b14e7303d0d$">
@@ -146,6 +150,7 @@
146
150
  <param pos="0" name="service.vendor" value="ownCloud"/>
147
151
  <param pos="0" name="service.product" value="ownCloud Server"/>
148
152
  <param pos="0" name="service.certainty" value="0.5"/>
153
+ <param pos="0" name="service.cpe23" value="cpe:/a:owncloud:owncloud:-"/>
149
154
  </fingerprint>
150
155
 
151
156
  <fingerprint pattern="^da897184fba34d5fe72148963f42b577$">
@@ -168,8 +173,10 @@
168
173
  <description>Metasploit Pro</description>
169
174
  <example>08ff173efec0750dd29ac7f44d972427</example>
170
175
  <param pos="0" name="service.vendor" value="Rapid7"/>
171
- <param pos="0" name="service.product" value="Metasploit Pro"/>
176
+ <param pos="0" name="service.product" value="Metasploit"/>
177
+ <param pos="0" name="service.edition" value="Pro"/>
172
178
  <param pos="0" name="service.certainty" value="0.5"/>
179
+ <param pos="0" name="service.cpe23" value="cpe:/a:rapid7:metasploit:-"/>
173
180
  </fingerprint>
174
181
 
175
182
  <fingerprint pattern="^23671ccca2849ae58d1b04c218013382$">
@@ -236,8 +243,9 @@
236
243
  <description>Swagger UI</description>
237
244
  <example>f983f318b0f0dff7a9303973f36ec45a</example>
238
245
  <param pos="0" name="service.vendor" value="Swagger"/>
239
- <param pos="0" name="service.product" value="UI"/>
246
+ <param pos="0" name="service.product" value="Swagger UI"/>
240
247
  <param pos="0" name="service.certainty" value="0.5"/>
248
+ <param pos="0" name="service.cpe23" value="cpe:/a:smartbear:swagger_ui:-"/>
241
249
  </fingerprint>
242
250
 
243
251
  <fingerprint pattern="^1c4201c7da53d6c7e48251d3a9680449$">
@@ -272,6 +280,7 @@
272
280
  <param pos="0" name="service.vendor" value="Progress"/>
273
281
  <param pos="0" name="service.product" value="OpenEdge Explorer"/>
274
282
  <param pos="0" name="service.certainty" value="0.5"/>
283
+ <param pos="0" name="service.cpe23" value="cpe:/a:progress:openedge:-"/>
275
284
  </fingerprint>
276
285
 
277
286
  <fingerprint pattern="^297a81069094d00a052733d3a0537d18$">
@@ -280,6 +289,7 @@
280
289
  <param pos="0" name="service.vendor" value="CrushFTP"/>
281
290
  <param pos="0" name="service.product" value="CrushFTP Web Interface"/>
282
291
  <param pos="0" name="service.certainty" value="0.5"/>
292
+ <param pos="0" name="service.cpe23" value="cpe:/a:crushftp:crushftp:-"/>
283
293
  </fingerprint>
284
294
 
285
295
  <fingerprint pattern="^f7728520c81b7a303d8e54d282e13a16$">
@@ -413,7 +423,7 @@
413
423
  <example>5856edf7bcbea0817312d9e535e5eb2a</example>
414
424
  <example>f4f3cb900258441d5dbc9105b7ab9b44</example>
415
425
  <example>c6acedaff906029fc5455d9ec52c7f42</example>
416
- <param pos="0" name="service.vendor" value="VMWare"/>
426
+ <param pos="0" name="service.vendor" value="VMware"/>
417
427
  <param pos="0" name="service.product" value="Horizon"/>
418
428
  <param pos="0" name="service.certainty" value="0.5"/>
419
429
  <param pos="0" name="service.cpe23" value="cpe:/a:vmware:horizon:-"/>
@@ -501,6 +511,7 @@
501
511
  <param pos="0" name="service.vendor" value="Lynx Technology"/>
502
512
  <param pos="0" name="service.product" value="Twonky Media Server"/>
503
513
  <param pos="0" name="service.certainty" value="0.5"/>
514
+ <param pos="0" name="service.cpe23" value="cpe:/a:lynxtechnology:twonky_server:-"/>
504
515
  </fingerprint>
505
516
 
506
517
  <fingerprint pattern="^d14310fffe94d78c0da0c8fadb993f78$">
@@ -958,7 +969,7 @@
958
969
  <description>D-Link Network Camera</description>
959
970
  <example>842c79ab11f38323fc554afbea5c990a</example>
960
971
  <param pos="0" name="hw.vendor" value="D-Link"/>
961
- <param pos="0" name="hw.device" value="Web cam"/>
972
+ <param pos="0" name="hw.device" value="IP Camera"/>
962
973
  <param pos="0" name="hw.product" value="DCS-932"/>
963
974
  <param pos="0" name="os.certainty" value="0.5"/>
964
975
  </fingerprint>
@@ -970,15 +981,21 @@
970
981
  <param pos="0" name="os.family" value="Linux"/>
971
982
  <param pos="0" name="os.product" value="EdgeOS"/>
972
983
  <param pos="0" name="os.certainty" value="0.5"/>
984
+ <param pos="0" name="os.cpe23" value="cpe:/o:ui:edgeos:-"/>
973
985
  <param pos="0" name="hw.vendor" value="Ubiquiti"/>
974
986
  <param pos="0" name="hw.product" value="EdgeSwitch"/>
975
987
  <param pos="0" name="hw.certainty" value="0.5"/>
988
+ <param pos="0" name="hw.cpe23" value="cpe:/h:ui:edgeswitch:-"/>
976
989
  </fingerprint>
977
990
 
978
991
  <fingerprint pattern="^(?:7da8813873190b6e3d7d8957d798bd1e|31ccf4e22ba33dbec54cc357a43a36d3)$">
979
992
  <description>OpenMediaVault</description>
980
993
  <example>7da8813873190b6e3d7d8957d798bd1e</example>
981
994
  <example>31ccf4e22ba33dbec54cc357a43a36d3</example>
995
+ <param pos="0" name="service.vendor" value="OpenMediaVault"/>
996
+ <param pos="0" name="service.product" value="OpenMediaVault"/>
997
+ <param pos="0" name="service.certainty" value="0.5"/>
998
+ <param pos="0" name="service.cpe23" value="cpe:/a:openmediavault:openmediavault:-"/>
982
999
  <param pos="0" name="os.vendor" value="OpenMediaVault"/>
983
1000
  <param pos="0" name="os.family" value="Linux"/>
984
1001
  <param pos="0" name="os.product" value="OpenMediaVault"/>
@@ -990,11 +1007,11 @@
990
1007
  <description>ELAN Network Camera</description>
991
1008
  <example>9dac0d6bad34f38552361f3a3b5bab16</example>
992
1009
  <param pos="0" name="hw.vendor" value="ELAN"/>
993
- <param pos="0" name="hw.device" value="Web cam"/>
1010
+ <param pos="0" name="hw.device" value="IP Camera"/>
994
1011
  <param pos="0" name="hw.product" value="HDIPCam"/>
995
1012
  <param pos="0" name="hw.certainty" value="0.5"/>
996
1013
  <param pos="0" name="os.vendor" value="ELAN"/>
997
- <param pos="0" name="os.device" value="Web cam"/>
1014
+ <param pos="0" name="os.device" value="IP Camera"/>
998
1015
  <param pos="0" name="os.family" value="Linux"/>
999
1016
  <param pos="0" name="os.certainty" value="0.5"/>
1000
1017
  </fingerprint>
@@ -1024,7 +1041,7 @@
1024
1041
  <description>Genetec AutoVu SharpV ALPR Camera</description>
1025
1042
  <example>979d9a884c322862e6830f61e2c378e6</example>
1026
1043
  <param pos="0" name="hw.vendor" value="Genetec"/>
1027
- <param pos="0" name="hw.device" value="Web cam"/>
1044
+ <param pos="0" name="hw.device" value="IP Camera"/>
1028
1045
  <param pos="0" name="hw.product" value="AutoVu SharpV"/>
1029
1046
  <param pos="0" name="hw.certainty" value="0.5"/>
1030
1047
  </fingerprint>
@@ -1048,7 +1065,7 @@
1048
1065
  <description>IQinVision IQeye Network Camera</description>
1049
1066
  <example>665f96fcdcc9da0ab89312acc02fa815</example>
1050
1067
  <param pos="0" name="hw.vendor" value="IQinVision"/>
1051
- <param pos="0" name="hw.device" value="Web cam"/>
1068
+ <param pos="0" name="hw.device" value="IP Camera"/>
1052
1069
  <param pos="0" name="hw.certainty" value="0.5"/>
1053
1070
  </fingerprint>
1054
1071
 
@@ -1141,6 +1158,10 @@
1141
1158
  <example>af13b379bdb4ae7a5e68d9aa4419b2e4</example>
1142
1159
  <example>cd844ad9671131f5464458a2ef58b7bc</example>
1143
1160
  <example>c32e2dc4d7caedd5cefc9d44cc4f62ec</example>
1161
+ <param pos="0" name="service.vendor" value="Cisco"/>
1162
+ <param pos="0" name="service.product" value="APIC"/>
1163
+ <param pos="0" name="service.certainty" value="0.5"/>
1164
+ <param pos="0" name="service.cpe23" value="cpe:/a:cisco:application_policy_infrastructure_controller:-"/>
1144
1165
  <param pos="0" name="hw.vendor" value="Cisco"/>
1145
1166
  <param pos="0" name="hw.product" value="APIC"/>
1146
1167
  <param pos="0" name="hw.device" value="Network Appliance"/>
@@ -1204,7 +1225,7 @@
1204
1225
  <description>ServerTech Sentry Switched CDU</description>
1205
1226
  <example>b56508cc967af50baddfd69596901dab</example>
1206
1227
  <param pos="0" name="hw.vendor" value="ServerTech"/>
1207
- <param pos="0" name="hw.device" value="Power device"/>
1228
+ <param pos="0" name="hw.device" value="Power Device"/>
1208
1229
  <param pos="0" name="hw.product" value="Sentry Switched CDU"/>
1209
1230
  <param pos="0" name="hw.certainty" value="0.5"/>
1210
1231
  </fingerprint>
@@ -1232,7 +1253,7 @@
1232
1253
  <param pos="0" name="os.product" value="Linux"/>
1233
1254
  <param pos="0" name="os.certainty" value="0.5"/>
1234
1255
  <param pos="0" name="hw.vendor" value="TRENDnet"/>
1235
- <param pos="0" name="hw.device" value="Web Cam"/>
1256
+ <param pos="0" name="hw.device" value="IP Camera"/>
1236
1257
  <param pos="0" name="hw.product" value="IP Camera"/>
1237
1258
  <param pos="0" name="hw.certainty" value="0.5"/>
1238
1259
  </fingerprint>
@@ -1240,7 +1261,7 @@
1240
1261
  <fingerprint pattern="^89167393768668c72fab6a9f025b5da6$">
1241
1262
  <description>APC Power Device</description>
1242
1263
  <example>89167393768668c72fab6a9f025b5da6</example>
1243
- <param pos="0" name="hw.device" value="Power device"/>
1264
+ <param pos="0" name="hw.device" value="Power Device"/>
1244
1265
  <param pos="0" name="hw.vendor" value="APC"/>
1245
1266
  </fingerprint>
1246
1267
 
@@ -1290,10 +1311,10 @@
1290
1311
  <description>Axis Network Camera</description>
1291
1312
  <example>a3fd8705f010b90e37d42128000f620b</example>
1292
1313
  <param pos="0" name="hw.vendor" value="AXIS"/>
1293
- <param pos="0" name="hw.device" value="Web cam"/>
1314
+ <param pos="0" name="hw.device" value="IP Camera"/>
1294
1315
  <param pos="0" name="hw.certainty" value="0.5"/>
1295
1316
  <param pos="0" name="os.vendor" value="AXIS"/>
1296
- <param pos="0" name="os.device" value="Web cam"/>
1317
+ <param pos="0" name="os.device" value="IP Camera"/>
1297
1318
  <param pos="0" name="os.family" value="Linux"/>
1298
1319
  <param pos="0" name="os.product" value="Linux"/>
1299
1320
  <param pos="0" name="os.certainty" value="0.5"/>
@@ -1417,7 +1438,7 @@
1417
1438
  <fingerprint pattern="^efe29d50711d9b093d8187e97cc0e593$">
1418
1439
  <description>Panduit PDU</description>
1419
1440
  <example>efe29d50711d9b093d8187e97cc0e593</example>
1420
- <param pos="0" name="hw.device" value="Power device"/>
1441
+ <param pos="0" name="hw.device" value="Power Device"/>
1421
1442
  <param pos="0" name="hw.vendor" value="Panduit"/>
1422
1443
  <param pos="0" name="hw.certainty" value="0.25"/>
1423
1444
  </fingerprint>
@@ -1426,7 +1447,7 @@
1426
1447
  <description>ScienceLogic EM7</description>
1427
1448
  <example>6eb3dbf248df10d70eab44dbf836cb77</example>
1428
1449
  <param pos="0" name="hw.vendor" value="Science Logic"/>
1429
- <param pos="0" name="hw.device" value="Network Management"/>
1450
+ <param pos="0" name="hw.device" value="Network Management Device"/>
1430
1451
  <param pos="0" name="hw.product" value="EM7"/>
1431
1452
  <param pos="0" name="hw.certainty" value="0.5"/>
1432
1453
  </fingerprint>
@@ -1495,6 +1516,7 @@
1495
1516
  <param pos="0" name="os.family" value="Linux"/>
1496
1517
  <param pos="0" name="os.product" value="EdgeOS"/>
1497
1518
  <param pos="0" name="os.certainty" value="0.5"/>
1519
+ <param pos="0" name="os.cpe23" value="cpe:/o:ui:edgeos:-"/>
1498
1520
  <param pos="0" name="hw.vendor" value="Ubiquiti"/>
1499
1521
  <param pos="0" name="hw.device" value="Router"/>
1500
1522
  <param pos="0" name="hw.certainty" value="0.25"/>
@@ -1584,7 +1606,7 @@
1584
1606
  <description>Mobotix Network Camera</description>
1585
1607
  <example>d9526978908979fa5018db0bcc762aa0</example>
1586
1608
  <param pos="0" name="hw.vendor" value="Mobotix"/>
1587
- <param pos="0" name="hw.device" value="Web cam"/>
1609
+ <param pos="0" name="hw.device" value="IP Camera"/>
1588
1610
  <param pos="0" name="hw.product" value="IP Camera"/>
1589
1611
  <param pos="0" name="hw.certainty" value="0.5"/>
1590
1612
  </fingerprint>
@@ -1673,6 +1695,7 @@
1673
1695
  <param pos="0" name="os.product" value="DD OS"/>
1674
1696
  <param pos="0" name="os.device" value="Storage"/>
1675
1697
  <param pos="0" name="os.certainty" value="0.5"/>
1698
+ <param pos="0" name="os.cpe23" value="cpe:/o:dell:emc_data_domain_os:-"/>
1676
1699
  <param pos="0" name="hw.vendor" value="Data Domain"/>
1677
1700
  <param pos="0" name="hw.product" value="DD OS"/>
1678
1701
  <param pos="0" name="hw.device" value="Storage"/>