diff --git a/CHANGELOG.md b/CHANGELOG.md
index d5aa7364f0..932cfbc93c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -97,7 +97,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Added the CVSS v3.1 BaseScore calculator to the `/cvsscalculator` page in the Help section. [#2536](https://github.com/greenbone/gsa/pull/2536)
### Changed
-
+- Revert the changes from integer `score` to a float `severity` [#2854](https://github.com/greenbone/gsa/pull/2854)
- Show StartIcon for scheduled tasks [#2840](https://github.com/greenbone/gsa/pull/2840)
- Remove solution from log NVTs [#2792](https://github.com/greenbone/gsa/pull/2792)
- Don't show empty sections in result details [#2791](https://github.com/greenbone/gsa/pull/2791)
@@ -111,6 +111,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- CVE Tables Page can now be used with the updated xml-format and CVSSv3(.1). [#2583](https://github.com/greenbone/gsa/pull/2583)
- The CVSS v2 BaseScore calculator calculates the score on the client side now. [#2536](https://github.com/greenbone/gsa/pull/2536)
+
### Fixed
- Fixed setting comments of business process nodes [#2781](https://github.com/greenbone/gsa/pull/2781)
diff --git a/gsa/src/gmp/models/__tests__/certbund.js b/gsa/src/gmp/models/__tests__/certbund.js
index 2fa8d5df4b..996020419d 100644
--- a/gsa/src/gmp/models/__tests__/certbund.js
+++ b/gsa/src/gmp/models/__tests__/certbund.js
@@ -35,12 +35,11 @@ describe('CertBundAdv model tests', () => {
test('should parse severity', () => {
const elem = {
- score: '85',
+ severity: '8.5',
};
const certBundAdv = CertBundAdv.fromElement(elem);
expect(certBundAdv.severity).toEqual(8.5);
- expect(certBundAdv.score).toBeUndefined();
});
test('should return empty categories array if no advisory is given', () => {
diff --git a/gsa/src/gmp/models/__tests__/cpe.js b/gsa/src/gmp/models/__tests__/cpe.js
index b583b0f223..f4b8db541a 100644
--- a/gsa/src/gmp/models/__tests__/cpe.js
+++ b/gsa/src/gmp/models/__tests__/cpe.js
@@ -24,10 +24,9 @@ testModel(Cpe, 'cpe');
describe('CPE model tests', () => {
test('should parse severity correctly', () => {
- const cpe = Cpe.fromElement({score: '50'});
- const cpe2 = Cpe.fromElement({score: '100'});
+ const cpe = Cpe.fromElement({severity: '5.0'});
+ const cpe2 = Cpe.fromElement({severity: '10.0'});
- expect(cpe.score).toBeUndefined();
expect(cpe.severity).toEqual(5.0);
expect(cpe2.severity).toEqual(10);
});
diff --git a/gsa/src/gmp/models/__tests__/cve.js b/gsa/src/gmp/models/__tests__/cve.js
index e8f3082555..dcb809ba34 100644
--- a/gsa/src/gmp/models/__tests__/cve.js
+++ b/gsa/src/gmp/models/__tests__/cve.js
@@ -47,7 +47,7 @@ describe('CVE model tests', () => {
test('should parse severity', () => {
const elem = {
- score: '85',
+ severity: '8.5',
};
const cve = Cve.fromElement(elem);
@@ -132,7 +132,7 @@ describe('CVE model tests', () => {
test('should parse CVSS metrics', () => {
const elem = {
cve: {
- score: '100',
+ severity: '10.0',
cvss_vector: 'AV:N/AC:L/Au:N/C:C/I:C/A:C',
},
};
diff --git a/gsa/src/gmp/models/__tests__/dfncert.js b/gsa/src/gmp/models/__tests__/dfncert.js
index e8752d05e4..fc2857783d 100644
--- a/gsa/src/gmp/models/__tests__/dfncert.js
+++ b/gsa/src/gmp/models/__tests__/dfncert.js
@@ -30,10 +30,9 @@ describe('DfnCertAdv model tests', () => {
});
test('should parse severity correctly', () => {
- const dfnCertAdv = DfnCertAdv.fromElement({score: '50'});
- const dfnCertAdv2 = DfnCertAdv.fromElement({score: '100'});
+ const dfnCertAdv = DfnCertAdv.fromElement({severity: '5.0'});
+ const dfnCertAdv2 = DfnCertAdv.fromElement({severity: '10.0'});
- expect(dfnCertAdv.score).toBeUndefined();
expect(dfnCertAdv.severity).toEqual(5.0);
expect(dfnCertAdv2.severity).toEqual(10);
});
diff --git a/gsa/src/gmp/models/__tests__/nvt.js b/gsa/src/gmp/models/__tests__/nvt.js
index 0f4c8d5186..0fcb44f628 100644
--- a/gsa/src/gmp/models/__tests__/nvt.js
+++ b/gsa/src/gmp/models/__tests__/nvt.js
@@ -161,27 +161,27 @@ describe('nvt Model tests', () => {
const nvt1 = Nvt.fromElement({
severities: {
severity: {
- score: 94,
+ score: 9.4,
origin: 'Vendor',
date: '2021-03-10T06:40:13Z',
},
},
- cvss_base: '6.6',
+ score: '6.6',
});
const nvt2 = Nvt.fromElement({
severities: {
severity: {
- score: 74,
+ score: 7.4,
origin: 'Greenbone',
date: '2020-03-10T06:40:13Z',
},
},
- cvss_base: '',
+ score: '',
});
const nvt3 = Nvt.fromElement({
severities: {
severity: {
- score: 10,
+ score: 1.0,
origin: '',
},
},
diff --git a/gsa/src/gmp/models/__tests__/ovaldef.js b/gsa/src/gmp/models/__tests__/ovaldef.js
index 19238015b9..1004342c1b 100644
--- a/gsa/src/gmp/models/__tests__/ovaldef.js
+++ b/gsa/src/gmp/models/__tests__/ovaldef.js
@@ -29,10 +29,9 @@ testModel(Ovaldef, 'ovaldef');
describe('Ovaldef model tests', () => {
test('should parse severity', () => {
- const ovaldef = Ovaldef.fromElement({score: '85'});
+ const ovaldef = Ovaldef.fromElement({severity: '8.5'});
expect(ovaldef.severity).toEqual(8.5);
- expect(ovaldef.score).toBeUndefined();
});
test('should parse deprecated', () => {
diff --git a/gsa/src/gmp/models/certbund.js b/gsa/src/gmp/models/certbund.js
index 579d6060a5..09723c7291 100644
--- a/gsa/src/gmp/models/certbund.js
+++ b/gsa/src/gmp/models/certbund.js
@@ -28,8 +28,7 @@ class CertBundAdv extends Info {
static parseElement(element) {
const ret = super.parseElement(element, 'cert_bund_adv');
- ret.severity = parseSeverity(ret.score / 10);
- delete ret.score;
+ ret.severity = parseSeverity(ret.severity);
ret.categories = [];
ret.description = [];
diff --git a/gsa/src/gmp/models/cpe.js b/gsa/src/gmp/models/cpe.js
index c3964a331e..1306b1d802 100644
--- a/gsa/src/gmp/models/cpe.js
+++ b/gsa/src/gmp/models/cpe.js
@@ -22,7 +22,7 @@ import {map} from 'gmp/utils/array';
import Info from './info';
-import {parseScoreToSeverity, parseSeverity, parseDate} from 'gmp/parser';
+import {parseSeverity, parseScoreToSeverity, parseDate} from 'gmp/parser';
class Cpe extends Info {
static entityType = 'cpe';
@@ -38,9 +38,7 @@ class Cpe extends Info {
static parseElement(element) {
const ret = super.parseElement(element, 'cpe');
-
- ret.severity = parseScoreToSeverity(ret.score);
- delete ret.score;
+ ret.severity = parseSeverity(ret.severity);
ret.cveRefCount = ret.cve_refs;
delete ret.cve_refs;
diff --git a/gsa/src/gmp/models/cve.js b/gsa/src/gmp/models/cve.js
index 217bdab060..0a45bc73a8 100644
--- a/gsa/src/gmp/models/cve.js
+++ b/gsa/src/gmp/models/cve.js
@@ -39,10 +39,14 @@ class Cve extends Info {
} else if (hasValue(ret.cvssV2Vector)) {
ret.vector = ret.cvssV2Vector;
} else {
- ret.vector = null;
+ ret.vector = undefined;
}
- ret.severity = parseSeverity(ret.score / 10);
+ ret.severity = parseSeverity(ret.score);
+
+ if (!hasValue(ret.refs)) {
+ ret.refs = [];
+ }
return ret;
}
@@ -54,9 +58,7 @@ class Cve extends Info {
ret.updateTime = parseDate(ret.update_time);
delete ret.update_time;
}
- // divide by ten because we now use integer 0-100 in cves
- ret.severity = parseSeverity(ret.score / 10);
- delete ret.cvss;
+ ret.severity = parseSeverity(ret.severity);
if (isDefined(ret.nvts)) {
ret.nvtRefs = map(ret.nvts.nvt, nvt => {
diff --git a/gsa/src/gmp/models/dfncert.js b/gsa/src/gmp/models/dfncert.js
index 0d999188fa..822375ff47 100644
--- a/gsa/src/gmp/models/dfncert.js
+++ b/gsa/src/gmp/models/dfncert.js
@@ -27,9 +27,7 @@ class DfnCertAdv extends Info {
static parseElement(element) {
const ret = super.parseElement(element, 'dfn_cert_adv');
-
- ret.severity = parseSeverity(ret.score / 10);
- delete ret.score;
+ ret.severity = parseSeverity(ret.severity);
const {raw_data} = ret;
diff --git a/gsa/src/gmp/models/nvt.js b/gsa/src/gmp/models/nvt.js
index c7c200bd00..2f11c88f33 100644
--- a/gsa/src/gmp/models/nvt.js
+++ b/gsa/src/gmp/models/nvt.js
@@ -164,8 +164,8 @@ class Nvt extends Info {
if (isDefined(ret.severities)) {
const {severity} = ret.severities;
- ret.severity = parseSeverity(severity?.score / 10);
- ret.severityOrigin = parseText(severity?.origin);
+ ret.severity = parseSeverity(severity.score);
+ ret.severityOrigin = parseText(severity.origin);
ret.severityDate = parseDate(severity.date);
} else {
ret.severity = parseSeverity(ret.cvss_base);
@@ -178,7 +178,7 @@ class Nvt extends Info {
const solutionMethod = ret.solution._method;
ret.solution = {
type: isEmpty(solutionType) ? undefined : solutionType,
- description: isEmpty(solutionText) ? undefined : solutionText,
+ description: isEmpty(solutionText) ? undefined : solutionText,
method: isEmpty(solutionMethod) ? undefined : solutionMethod,
};
}
diff --git a/gsa/src/gmp/models/ovaldef.js b/gsa/src/gmp/models/ovaldef.js
index 6f55f6b9af..a377645e78 100644
--- a/gsa/src/gmp/models/ovaldef.js
+++ b/gsa/src/gmp/models/ovaldef.js
@@ -74,8 +74,7 @@ class Ovaldef extends Info {
static parseElement(element) {
const ret = super.parseElement(element, 'ovaldef');
- ret.severity = parseSeverity(ret.score / 10);
- delete ret.score;
+ ret.severity = parseSeverity(ret.severity);
const {raw_data} = ret;
diff --git a/gsa/src/web/graphql/__mocks__/cves.js b/gsa/src/web/graphql/__mocks__/cves.js
index 5551a3a5e9..9a3fc626b0 100644
--- a/gsa/src/web/graphql/__mocks__/cves.js
+++ b/gsa/src/web/graphql/__mocks__/cves.js
@@ -38,7 +38,7 @@ export const cveEntity = deepFreeze({
userTags: null,
updateTime: '2020-09-29T12:16:50+00:00',
cvssVector: 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N',
- score: 55,
+ score: 5.5,
cvssV2Vector: {
integrity: 'NONE',
accessComplexity: 'MEDIUM',
diff --git a/gsa/src/web/pages/cves/__tests__/row.js b/gsa/src/web/pages/cves/__tests__/row.js
index bf553cbe96..f4f736f416 100644
--- a/gsa/src/web/pages/cves/__tests__/row.js
+++ b/gsa/src/web/pages/cves/__tests__/row.js
@@ -39,7 +39,7 @@ const entity = Cve.fromElement({
name: 'CVE-2020-9992',
cvss_vector: 'AV:N/AC:M/Au:N/C:C/I:C/A:C',
creationTime: '2020-10-22T19:15:00Z',
- score: '93',
+ severity: '9.3',
description: 'foo bar baz',
usage_type: 'cve',
});
@@ -127,7 +127,7 @@ const entity_v3 = Cve.fromElement({
name: 'CVE-2020-9992',
cvss_vector: 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H',
creationTime: '2020-10-22T19:15:00Z',
- score: '71',
+ severity: '7.1',
description: 'foo bar baz',
usage_type: 'cve',
});
diff --git a/gsa/src/web/pages/cves/details.js b/gsa/src/web/pages/cves/details.js
index 613f2c8968..3cae96a6c5 100644
--- a/gsa/src/web/pages/cves/details.js
+++ b/gsa/src/web/pages/cves/details.js
@@ -21,6 +21,7 @@ import React from 'react';
import {_, _l} from 'gmp/locale/lang';
import {isDefined, hasValue} from 'gmp/utils/identity';
+import {isEmpty} from 'gmp/utils/string';
import SeverityBar from 'web/components/bar/severitybar';
@@ -72,7 +73,7 @@ const CveDetails = ({entity}) => {
- {hasValue(cvssVector) && (
+ {!isEmpty(cvssVector) && (
{_('Base Vector')}