Merge pull request #2856 from greenbone/mergify/bp/master/pr-2854

Revert the changes from severity to score. (backport #2854)

CHANGELOG.md

@@ -97,7 +97,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Added the CVSS v3.1 BaseScore calculator to the `/cvsscalculator` page in the Help section. [#2536](https://github.com/greenbone/gsa/pull/2536)
 
 ### Changed
-
+- Revert the changes from integer `score` to a float `severity` [#2854](https://github.com/greenbone/gsa/pull/2854)
 - Show StartIcon for scheduled tasks [#2840](https://github.com/greenbone/gsa/pull/2840)
 - Remove solution from log NVTs [#2792](https://github.com/greenbone/gsa/pull/2792)
 - Don't show empty sections in result details [#2791](https://github.com/greenbone/gsa/pull/2791)
@@ -111,6 +111,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - CVE Tables Page can now be used with the updated xml-format and CVSSv3(.1). [#2583](https://github.com/greenbone/gsa/pull/2583)
 - The CVSS v2 BaseScore calculator calculates the score on the client side now. [#2536](https://github.com/greenbone/gsa/pull/2536)
 
+
 ### Fixed
 
 - Fixed setting comments of business process nodes [#2781](https://github.com/greenbone/gsa/pull/2781)

gsa/src/gmp/models/__tests__/certbund.js

@@ -35,12 +35,11 @@ describe('CertBundAdv model tests', () => {
 
   test('should parse severity', () => {
     const elem = {
-      score: '85',
+      severity: '8.5',
     };
     const certBundAdv = CertBundAdv.fromElement(elem);
 
     expect(certBundAdv.severity).toEqual(8.5);
-    expect(certBundAdv.score).toBeUndefined();
   });
 
   test('should return empty categories array if no advisory is given', () => {

gsa/src/gmp/models/__tests__/cpe.js

@@ -24,10 +24,9 @@ testModel(Cpe, 'cpe');
 
 describe('CPE model tests', () => {
   test('should parse severity correctly', () => {
-    const cpe = Cpe.fromElement({score: '50'});
-    const cpe2 = Cpe.fromElement({score: '100'});
+    const cpe = Cpe.fromElement({severity: '5.0'});
+    const cpe2 = Cpe.fromElement({severity: '10.0'});
 
-    expect(cpe.score).toBeUndefined();
     expect(cpe.severity).toEqual(5.0);
     expect(cpe2.severity).toEqual(10);
   });

gsa/src/gmp/models/__tests__/cve.js

@@ -47,7 +47,7 @@ describe('CVE model tests', () => {
 
   test('should parse severity', () => {
     const elem = {
-      score: '85',
+      severity: '8.5',
     };
     const cve = Cve.fromElement(elem);
 
@@ -132,7 +132,7 @@ describe('CVE model tests', () => {
   test('should parse CVSS metrics', () => {
     const elem = {
       cve: {
-        score: '100',
+        severity: '10.0',
         cvss_vector: 'AV:N/AC:L/Au:N/C:C/I:C/A:C',
       },
     };

gsa/src/gmp/models/__tests__/dfncert.js

@@ -30,10 +30,9 @@ describe('DfnCertAdv model tests', () => {
   });
 
   test('should parse severity correctly', () => {
-    const dfnCertAdv = DfnCertAdv.fromElement({score: '50'});
-    const dfnCertAdv2 = DfnCertAdv.fromElement({score: '100'});
+    const dfnCertAdv = DfnCertAdv.fromElement({severity: '5.0'});
+    const dfnCertAdv2 = DfnCertAdv.fromElement({severity: '10.0'});
 
-    expect(dfnCertAdv.score).toBeUndefined();
     expect(dfnCertAdv.severity).toEqual(5.0);
     expect(dfnCertAdv2.severity).toEqual(10);
   });

gsa/src/gmp/models/__tests__/nvt.js

@@ -161,27 +161,27 @@ describe('nvt Model tests', () => {
     const nvt1 = Nvt.fromElement({
       severities: {
         severity: {
-          score: 94,
+          score: 9.4,
           origin: 'Vendor',
           date: '2021-03-10T06:40:13Z',
         },
       },
-      cvss_base: '6.6',
+      score: '6.6',
     });
     const nvt2 = Nvt.fromElement({
       severities: {
         severity: {
-          score: 74,
+          score: 7.4,
           origin: 'Greenbone',
           date: '2020-03-10T06:40:13Z',
         },
       },
-      cvss_base: '',
+      score: '',
     });
     const nvt3 = Nvt.fromElement({
       severities: {
         severity: {
-          score: 10,
+          score: 1.0,
           origin: '',
         },
       },

gsa/src/gmp/models/__tests__/ovaldef.js

@@ -29,10 +29,9 @@ testModel(Ovaldef, 'ovaldef');
 
 describe('Ovaldef model tests', () => {
   test('should parse severity', () => {
-    const ovaldef = Ovaldef.fromElement({score: '85'});
+    const ovaldef = Ovaldef.fromElement({severity: '8.5'});
 
     expect(ovaldef.severity).toEqual(8.5);
-    expect(ovaldef.score).toBeUndefined();
   });
 
   test('should parse deprecated', () => {

gsa/src/gmp/models/certbund.js

@@ -28,8 +28,7 @@ class CertBundAdv extends Info {
   static parseElement(element) {
     const ret = super.parseElement(element, 'cert_bund_adv');
 
-    ret.severity = parseSeverity(ret.score / 10);
-    delete ret.score;
+    ret.severity = parseSeverity(ret.severity);
 
     ret.categories = [];
     ret.description = [];

gsa/src/gmp/models/cpe.js

@@ -22,7 +22,7 @@ import {map} from 'gmp/utils/array';
 
 import Info from './info';
 
-import {parseScoreToSeverity, parseSeverity, parseDate} from 'gmp/parser';
+import {parseSeverity, parseScoreToSeverity, parseDate} from 'gmp/parser';
 
 class Cpe extends Info {
   static entityType = 'cpe';
@@ -38,9 +38,7 @@ class Cpe extends Info {
 
   static parseElement(element) {
     const ret = super.parseElement(element, 'cpe');
-
-    ret.severity = parseScoreToSeverity(ret.score);
-    delete ret.score;
+    ret.severity = parseSeverity(ret.severity);
 
     ret.cveRefCount = ret.cve_refs;
     delete ret.cve_refs;

gsa/src/gmp/models/cve.js

@@ -39,10 +39,14 @@ class Cve extends Info {
     } else if (hasValue(ret.cvssV2Vector)) {
       ret.vector = ret.cvssV2Vector;
     } else {
-      ret.vector = null;
+      ret.vector = undefined;
     }
 
-    ret.severity = parseSeverity(ret.score / 10);
+    ret.severity = parseSeverity(ret.score);
+
+    if (!hasValue(ret.refs)) {
+      ret.refs = [];
+    }
 
     return ret;
   }
@@ -54,9 +58,7 @@ class Cve extends Info {
       ret.updateTime = parseDate(ret.update_time);
       delete ret.update_time;
     }
-    // divide by ten because we now use integer 0-100 in cves
-    ret.severity = parseSeverity(ret.score / 10);
-    delete ret.cvss;
+    ret.severity = parseSeverity(ret.severity);
 
     if (isDefined(ret.nvts)) {
       ret.nvtRefs = map(ret.nvts.nvt, nvt => {

gsa/src/gmp/models/dfncert.js

@@ -27,9 +27,7 @@ class DfnCertAdv extends Info {
 
   static parseElement(element) {
     const ret = super.parseElement(element, 'dfn_cert_adv');
-
-    ret.severity = parseSeverity(ret.score / 10);
-    delete ret.score;
+    ret.severity = parseSeverity(ret.severity);
 
     const {raw_data} = ret;
 

gsa/src/gmp/models/nvt.js

@@ -164,8 +164,8 @@ class Nvt extends Info {
 
     if (isDefined(ret.severities)) {
       const {severity} = ret.severities;
-      ret.severity = parseSeverity(severity?.score / 10);
-      ret.severityOrigin = parseText(severity?.origin);
+      ret.severity = parseSeverity(severity.score);
+      ret.severityOrigin = parseText(severity.origin);
       ret.severityDate = parseDate(severity.date);
     } else {
       ret.severity = parseSeverity(ret.cvss_base);
@@ -178,7 +178,7 @@ class Nvt extends Info {
       const solutionMethod = ret.solution._method;
       ret.solution = {
         type: isEmpty(solutionType) ? undefined : solutionType,
-        description:  isEmpty(solutionText) ? undefined : solutionText,
+        description: isEmpty(solutionText) ? undefined : solutionText,
         method: isEmpty(solutionMethod) ? undefined : solutionMethod,
       };
     }

gsa/src/gmp/models/ovaldef.js

@@ -74,8 +74,7 @@ class Ovaldef extends Info {
   static parseElement(element) {
     const ret = super.parseElement(element, 'ovaldef');
 
-    ret.severity = parseSeverity(ret.score / 10);
-    delete ret.score;
+    ret.severity = parseSeverity(ret.severity);
 
     const {raw_data} = ret;
 

gsa/src/web/graphql/__mocks__/cves.js

@@ -38,7 +38,7 @@ export const cveEntity = deepFreeze({
   userTags: null,
   updateTime: '2020-09-29T12:16:50+00:00',
   cvssVector: 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N',
-  score: 55,
+  score: 5.5,
   cvssV2Vector: {
     integrity: 'NONE',
     accessComplexity: 'MEDIUM',

gsa/src/web/pages/cves/__tests__/row.js

@@ -39,7 +39,7 @@ const entity = Cve.fromElement({
   name: 'CVE-2020-9992',
   cvss_vector: 'AV:N/AC:M/Au:N/C:C/I:C/A:C',
   creationTime: '2020-10-22T19:15:00Z',
-  score: '93',
+  severity: '9.3',
   description: 'foo bar baz',
   usage_type: 'cve',
 });
@@ -127,7 +127,7 @@ const entity_v3 = Cve.fromElement({
   name: 'CVE-2020-9992',
   cvss_vector: 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H',
   creationTime: '2020-10-22T19:15:00Z',
-  score: '71',
+  severity: '7.1',
   description: 'foo bar baz',
   usage_type: 'cve',
 });

gsa/src/web/pages/cves/details.js

@@ -21,6 +21,7 @@ import React from 'react';
 import {_, _l} from 'gmp/locale/lang';
 
 import {isDefined, hasValue} from 'gmp/utils/identity';
+import {isEmpty} from 'gmp/utils/string';
 
 import SeverityBar from 'web/components/bar/severitybar';
 
@@ -72,7 +73,7 @@ const CveDetails = ({entity}) => {
                 <SeverityBar severity={severity} />
               </TableData>
             </TableRow>
-            {hasValue(cvssVector) && (
+            {!isEmpty(cvssVector) && (
               <TableRow>
                 <TableData>{_('Base Vector')}</TableData>
                 <TableData>