Mercurial > farol > farol
view farol/templates/vulnerability/edit_cvss.j2 @ 54:8ffd3ec96f7c
Add Descriptions for the CVSS fields
| author | Benoît Allard <benoit.allard@greenbone.net> |
|---|---|
| date | Wed, 08 Oct 2014 09:28:23 +0200 |
| parents | 4a9f23230eba |
| children |
line wrap: on
line source
{# # Description: # Web Template used in Farol Design # # Authors: # Benoît Allard <benoit.allard@greenbone.net> # # Copyright: # Copyright (C) 2014 Greenbone Networks GmbH # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. -#} {% extends "base.j2" %} {% from "macros.j2" import selectinput, textinput, textarea, selectinput2, examples %} {% block title %}Edit CVSS{% endblock %} {% set active = 'vulnerability' %} {% block content %} <p>The <strong>Score Set</strong> container holds actual CVSS metrics. For more details about CVSS, see {{ 'http://www.first.org/cvss/cvss-guide.html' | urlize }}. The only required element of CVSS is the <strong>Base Score</strong>. If a value of the temporal or environmental score is set to “not defined,” either <strong>Temporal Score</strong> or <strong>Environmental Score</strong> can be omitted.</p> <p>A <strong>Score Set</strong> container can be tied to one or more specific products by referencing these products using the <strong>Product ID</strong> child element. If the <strong>Score Set</strong> is meant to be applied for all products, the <em>Product ID</em> attribute should be omitted.</p> <form role="form" method="POST"> {% call textinput('basescore', "Base Score", '0.0', basescore, type="number", extras={'step':'0.1', 'min': '0', 'max': '10'}, required=True) %} <p><strong>Base Score</strong> contains the numeric value of the computed CVSS base score, which should be a float from 0 to 10.0.</p> {% endcall %} {% call textinput('temporalscore', "Temporal Score", '0.0', temporalscore, type="number", extras={'step':'0.1', 'min': '0', 'max': '10'}) %} <p><strong>Temporal Score</strong> contains the numeric value of the computed CVSS temporal score, which should be a float from 0 to 10.0.</p> {% endcall %} {% call textinput('environmentalscore', "Environmental Score", '0.0', environmentalscore, type="number", extras={'step':'0.1', 'min': '0', 'max': '10'}) %} <p><strong>Environmental Score</strong> contains the numeric value of the computed CVSS environmental score, which should be a float from 0 to 10.0. This metric is typically reserved for use by the end user and is specific to the environment in which the affected product is deployed.</p> {% endcall %} {% call textinput('vector', "Vector", value=vector, extras={'maxlength': '76'}) %} <p><strong>Vector</strong> contains the official notation that displays all the values used to compute the CVSS base, temporal, and environmental scores. This notation will follow the guidelines set forth in the CVSS v2 documentation at {{ 'http://www.first.org/cvss/cvss-guide.html#i2.4' | urlize }}.</p> {{ examples(['AV:N/AC:L/Au:N/C:P/I:P/A:C/E:P/RL:O/RC:C/CDP:H/TD:M/CR:H/IR:H/AR:H']) }} {% endcall %} {{ selectinput2('products', "Products", products, productids, multiple=True) }} <button class="btn btn-primary" type="submit">{{ action or 'Update' }}</button> <a class="btn btn-danger" href="{% if action=='Add' %}{{ url_for('.view', ordinal=ordinal) }}{% else %}{{ url_for('.view_cvss', ordinal=ordinal, index=index) }}{% endif %}">Cancel</a> </form> {% endblock %}