vrt-ruby/spec/sample_vrt/999.999/mappings/cvss_v4/cvss_v4.json at 35a8ec92b43568c5a6a79bcfa9ba41c395b524a1 · bugcrowd/vrt-ruby · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
{
  "metadata": {
    "default": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
  },
  "content": [
    {
      "id": "server_security_misconfiguration",
      "cvss_v4": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "children": [
        {
          "id": "unsafe_cross_origin_resource_sharing",
          "cvss_v4": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"
        },
        {
          "id": "ssl_attack_breach_poodle_etc",
          "cvss_v4": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"
        },
        {
          "id": "using_default_credentials",
          "cvss_v4": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"
        },
        {
          "id": "misconfigured_dns",
          "cvss_v4": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N"
        }
      ]
    },
    {
      "id": "server_side_injection",
      "children": [
        {
          "id": "file_inclusion",
          "cvss_v4": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N"
        },
        {
          "id": "remote_code_execution_rce",
          "cvss_v4": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
        },
        {
          "id": "sql_injection",
          "cvss_v4": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"
        }
      ]
    },
    {
      "id": "unvalidated_redirects_and_forwards",
      "cvss_v4": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N",
      "children": [
        {
          "id": "open_redirect",
          "children": [
            {
              "id": "get_based",
              "cvss_v4": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
            }
          ]
        }
      ]
    },
    {
      "id": "broken_authentication_and_session_management",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "insecure_direct_object_references_idor",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "sensitive_data_exposure",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "cross_site_scripting_xss",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "missing_function_level_access_control",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "cross_site_request_forgery_csrf",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "application_level_denial_of_service_dos",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "external_behavior",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "insufficient_security_configurability",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "using_components_with_known_vulnerabilities",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "insecure_data_storage",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "lack_of_binary_hardening",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "insecure_data_transport",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "insecure_os_firmware",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "broken_cryptography",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "privacy_concerns",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "network_security_misconfiguration",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "mobile_security_misconfiguration",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "client_side_injection",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    },
    {
      "id": "vrt_category_only_in_test",
      "cvss_v4": "CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N"
    }
  ]
}