Mercurial > farol
changeset 54:8ffd3ec96f7c
Add Descriptions for the CVSS fields
| author | Benoît Allard <benoit.allard@greenbone.net> |
|---|---|
| date | Wed, 08 Oct 2014 09:28:23 +0200 |
| parents | 249b3ad750b1 |
| children | 76cba17794ab |
| files | farol/templates/vulnerability/edit_cvss.j2 |
| diffstat | 1 files changed, 16 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/farol/templates/vulnerability/edit_cvss.j2 Tue Oct 07 17:08:28 2014 +0200 +++ b/farol/templates/vulnerability/edit_cvss.j2 Wed Oct 08 09:28:23 2014 +0200 @@ -24,18 +24,29 @@ -#} {% extends "base.j2" %} -{% from "macros.j2" import selectinput, textinput, textarea, selectinput2 %} +{% from "macros.j2" import selectinput, textinput, textarea, selectinput2, examples %} {% block title %}Edit CVSS{% endblock %} {% set active = 'vulnerability' %} {% block content %} +<p>The <strong>Score Set</strong> container holds actual CVSS metrics. For more details about CVSS, see {{ 'http://www.first.org/cvss/cvss-guide.html' | urlize }}. The only required element of CVSS is the <strong>Base Score</strong>. If a value of the temporal or environmental score is set to “not defined,” either <strong>Temporal Score</strong> or <strong>Environmental Score</strong> can be omitted.</p> +<p>A <strong>Score Set</strong> container can be tied to one or more specific products by referencing these products using the <strong>Product ID</strong> child element. If the <strong>Score Set</strong> is meant to be applied for all products, the <em>Product ID</em> attribute should be omitted.</p> <form role="form" method="POST"> -{{ textinput('basescore', "Base Score", '0.0', basescore, type="number", extras={'step':'0.1'}, required=True) }} -{{ textinput('temporalscore', "Temporal Score", '0.0', temporalscore, type="number", extras={'step':'0.1'}) }} -{{ textinput('environmentalscore', "Environmental Score", '0.0', environmentalscore, type="number", extras={'step':'0.1'}) }} -{{ textinput('vector', "Vector", value=vector) }} +{% call textinput('basescore', "Base Score", '0.0', basescore, type="number", extras={'step':'0.1', 'min': '0', 'max': '10'}, required=True) %} +<p><strong>Base Score</strong> contains the numeric value of the computed CVSS base score, which should be a float from 0 to 10.0.</p> +{% endcall %} +{% call textinput('temporalscore', "Temporal Score", '0.0', temporalscore, type="number", extras={'step':'0.1', 'min': '0', 'max': '10'}) %} +<p><strong>Temporal Score</strong> contains the numeric value of the computed CVSS temporal score, which should be a float from 0 to 10.0.</p> +{% endcall %} +{% call textinput('environmentalscore', "Environmental Score", '0.0', environmentalscore, type="number", extras={'step':'0.1', 'min': '0', 'max': '10'}) %} +<p><strong>Environmental Score</strong> contains the numeric value of the computed CVSS environmental score, which should be a float from 0 to 10.0. This metric is typically reserved for use by the end user and is specific to the environment in which the affected product is deployed.</p> +{% endcall %} +{% call textinput('vector', "Vector", value=vector, extras={'maxlength': '76'}) %} +<p><strong>Vector</strong> contains the official notation that displays all the values used to compute the CVSS base, temporal, and environmental scores. This notation will follow the guidelines set forth in the CVSS v2 documentation at {{ 'http://www.first.org/cvss/cvss-guide.html#i2.4' | urlize }}.</p> +{{ examples(['AV:N/AC:L/Au:N/C:P/I:P/A:C/E:P/RL:O/RC:C/CDP:H/TD:M/CR:H/IR:H/AR:H']) }} +{% endcall %} {{ selectinput2('products', "Products", products, productids, multiple=True) }}