diff --git a/cpe-remap.yaml b/cpe-remap.yaml
index a7e7a2ff..b3a590f8 100644
--- a/cpe-remap.yaml
+++ b/cpe-remap.yaml
@@ -1,242 +1,315 @@
mappings:
- alpine:
- vendor: alpinelinux
- products:
- linux: alpine_linux
- amazon:
- products:
- s3: web_services_simple_storage_service
- apache:
- products:
- httpd: http_server
- apple:
- products:
- ios: iphone_os
- aprelium_technologies:
- vendor: aprelium
- alt-n:
- vendor: altn
- aruba_networks:
- vendor: arubanetworks
- bea:
- products:
- weblogic: weblogic_server
- blue_coat:
- vendor: bluecoat
- carnegie_mellon_university:
- vendor: cmu
- products:
- cyrus_imap: cyrus_imap_server
- centos:
- products:
- linux: centos
- centos_webpanel:
- vendor: centos-webpanel
- check_point:
- vendor: checkpoint
- cherokee_project:
- vendor: cherokee-project
- cisco:
- vendor: cisco
- products:
- adaptive_security_appliance: adaptive_security_appliance_software
- apic: application_policy_infrastructure_controller
- pix: pix_firewall_software
- telepresence: telepresence_video_communication_server_software
- cpanel:
- products:
- cpanel_service_daemon: cpanel
- crushftp:
- products:
- crushftp_web_interface: crushftp
- cumulus:
- vendor: cumulusnetworks
- cz.nic:
- vendor: knot-dns
- data_domain:
- vendor: dell
- products:
- dd_os: emc_data_domain_os
- debian:
- products:
- linux: debian_linux
- drupal:
- products:
- cms: drupal
- embedthis:
- products:
- goahead_webserver: goahead
- emc:
- products:
- celerra: celerra_network_attached_storage
- envoy_proxy:
- vendor: envoyproxy
- f5:
- products:
- big-ip: big-ip_local_traffic_manager
- big-ip_ltm: big-ip_local_traffic_manager
- fedora_project:
- vendor: fedoraproject
- google:
- products:
- google_web_services: web_server
- hp:
- products:
- ilo: integrated_lights_out
- tru64_unix: tru64
- ibm:
- products:
- lotus_domino: lotus_domino_server
- ibm_domino: lotus_domino
- os/400: os_400
- i5/os: i5os
- ignite_realtime:
- vendor: igniterealtime
- intel:
- products:
- intel(r)_active_management_technology: active_management_technology
- intel(r)_standard_manageability: standard_manageability
- jamf:
- products:
- jamf_pro: jamf
- juniper:
- products:
- junos_os: junos
- kibana:
- vendor: elasticsearch
- kubernetes:
- products:
- nginx_ingress_controller: ingress-nginx
- kodi:
- products:
- media_server: kodi
- kong:
- vendor: konghq
- products:
- gateway: kong_gateway
- litespeed_technologies:
- vendor: litespeedtech
- linux:
- products:
- linux: linux_kernel
- lynx_technology:
- vendor: lynxtechnology
- products:
- twonky_media_server: twonky_server
- mailenable:
- products:
- mail_server: mailenable
- microsoft:
- products:
- active_directory_controller: active_directory
- exchange_server_5.5: exchange_server
- exchange_2000_server: exchange_server
- exchange_2003_server: exchange_server
- exchange_2007_server: exchange_server
- lightweight_directory_server: active_directory_lightweight_directory_service
- windows_server_2003_datacenter_edition: windows_server_2003
- windows_server_2003_r2: windows_server_2003
- windows_2008_r2: windows_server_2008
- windows_server_2008_datacenter_edition: windows_server_2008
- windows_server_2008_r2: windows_server_2008
- windows_server_2008_r2_datacenter_edition: windows_server_2008
- windows_server_2012_r2: windows_server_2012
- nt: windows_nt
- windows_nt_desktop: windows_nt
- windows_nt_server: windows_nt
- windows_server_2000: windows_2000
- windows_2000_server: windows_2000
- windows_2000_datacenter_server: windows_2000
- pws: personal_web_server
- mod_ssl:
- vendor: modssl
- mod_wsgi:
- vendor: modwsgi
- # NIST took the vendor name from the website but apparently missed the `.in`
- # in moinmo.in was part of the name
- moinmoin:
- vendor: moinmo
- mort_bay:
- vendor: mortbay
- munin:
- vendor: munin-monitoring
- nlnet_labs:
- vendor: nlnetlabs
- products:
- dnsd: name_server_daemon
- net-snmp:
- products:
- snmp_agent: net-snmp
- owncloud:
- products:
- owncloud_server: owncloud
- palo_alto_networks:
- vendor: paloaltonetworks
- parallels:
- products:
- plesk: parallels_plesk_panel
- plesk:
- vendor: parallels
- proftpd_project:
- vendor: proftpd
- progress:
- products:
- openedge_explorer: openedge
- pulse_secure:
- vendor: pulsesecure
- realvnc_ltd.:
- vendor: realvnc
- red_hat:
- vendor: redhat
- products:
- cygwin_x_server_project: cygwin
- fedora_core_linux: fedora_core
- jboss_as: jboss_wildfly_application_server
- jboss_eap: jboss_enterprise_application_platform
- jbossweb: jboss_web_framework_kit
- red_hat_directory_server: directory_server
- squid_cache:
- vendor: squid-cache
- sun:
- vendor: sun
- products:
- solaris: sunos
- swagger:
- vendor: smartbear
- synology:
- products:
- dsm: diskstation_manager
- tandberg:
- vendor: cisco
- tightvnc:
- products:
- desktop: tightvnc
- tor_project:
- vendor: torproject
- traefik_labs:
- vendor: containous
- products:
- traefik_proxy: traefik
- twistedmatrix:
- products:
- twisted_web: twistedweb
- ubiquiti:
- vendor: ui
- ubuntu:
- vendor: canonical
- products:
- linux: ubuntu_linux
- vandyke_software:
- vendor: vandyke
- vmware:
- products:
- photon_linux: photon_os
- zimbra: zimbra_desktop
- vcenter: vcenter_server
- vmware_esx_server: esx
- vmware_esxi_server: esxi
- wind_river:
- vendor: windriver
- x.org:
- products:
- x.org_x11: x11
+ # The following section contains CPE application or 'a' remappings. These will
+ # ONLY be used for mapping Recog 'service' attributes.
+ a:
+ akamai:
+ products:
+ ghost: akamaighost
+ amazon:
+ products:
+ s3: amazon_simple_storage_service
+ cloudfront_load_balancer: amazon_cloudfront
+ apache:
+ products:
+ httpd: http_server
+ aprelium_technologies:
+ vendor: aprelium
+ alt-n:
+ vendor: altn
+ aruba_networks:
+ vendor: arubanetworks
+ bea:
+ products:
+ weblogic: weblogic_server
+ blue_coat:
+ vendor: bluecoat
+ carnegie_mellon_university:
+ vendor: cmu
+ products:
+ cyrus_imap: cyrus_imap_server
+ centos_webpanel:
+ vendor: centos-webpanel
+ check_point:
+ vendor: checkpoint
+ cherokee_project:
+ vendor: cherokee-project
+ cisco:
+ products:
+ apic: application_policy_infrastructure_controller
+ cloudflare:
+ products:
+ cloudflare_load_balancer: load_balancing
+ cpanel:
+ products:
+ cpanel_service_daemon: cpanel
+ crushftp:
+ products:
+ crushftp_web_interface: crushftp
+ cz.nic:
+ vendor: knot-dns
+ drupal:
+ products:
+ cms: drupal
+ embedthis:
+ products:
+ goahead_webserver: goahead
+ envoy_proxy:
+ vendor: envoyproxy
+ f5:
+ products:
+ big-ip: big-ip_local_traffic_manager
+ big-ip_ltm: big-ip_local_traffic_manager
+ fedora_project:
+ vendor: fedoraproject
+ google:
+ products:
+ google_web_services: web_server
+ ibm:
+ products:
+ lotus_domino: lotus_domino_server
+ ibm_domino: lotus_domino
+ ignite_realtime:
+ vendor: igniterealtime
+ intel:
+ products:
+ intel(r)_active_management_technology: active_management_technology
+ intel(r)_standard_manageability: standard_manageability
+ jamf:
+ products:
+ jamf_pro: jamf
+ kibana:
+ vendor: elasticsearch
+ kubernetes:
+ products:
+ nginx_ingress_controller: ingress-nginx
+ kodi:
+ products:
+ media_server: kodi
+ kong:
+ vendor: konghq
+ products:
+ gateway: kong_gateway
+ litespeed_technologies:
+ vendor: litespeedtech
+ lotus:
+ vendor: ibm
+ lynx_technology:
+ vendor: lynxtechnology
+ products:
+ twonky_media_server: twonky_server
+ mailenable:
+ products:
+ mail_server: mailenable
+ manageengine:
+ vendor: zohocorp
+ products:
+ adaudit_plus: manageengine_adaudit_plus
+ desktop_central: manageengine_desktop_central
+ opmanager: manageengine_opmanager
+ microsoft:
+ products:
+ active_directory_controller: active_directory
+ exchange_server_5.5: exchange_server
+ exchange_2000_server: exchange_server
+ exchange_2003_server: exchange_server
+ exchange_2007_server: exchange_server
+ lightweight_directory_server: active_directory_lightweight_directory_service
+ pws: personal_web_server
+ mod_ssl:
+ vendor: modssl
+ mod_wsgi:
+ vendor: modwsgi
+ # NIST took the vendor name from the website but apparently missed the `.in`
+ # in moinmo.in was part of the name
+ moinmoin:
+ vendor: moinmo
+ mort_bay:
+ vendor: mortbay
+ munin:
+ vendor: munin-monitoring
+ nlnet_labs:
+ vendor: nlnetlabs
+ products:
+ dnsd: name_server_daemon
+ net-snmp:
+ products:
+ snmp_agent: net-snmp
+ owncloud:
+ products:
+ owncloud_server: owncloud
+ parallels:
+ products:
+ plesk: parallels_plesk_panel
+ plesk:
+ vendor: parallels
+ proftpd_project:
+ vendor: proftpd
+ progress:
+ products:
+ openedge_explorer: openedge
+ pulse_secure:
+ vendor: pulsesecure
+ realvnc_ltd.:
+ vendor: realvnc
+ red_hat:
+ vendor: redhat
+ products:
+ cygwin_x_server_project: cygwin
+ jboss_as: jboss_wildfly_application_server
+ jboss_eap: jboss_enterprise_application_platform
+ jbossweb: jboss_web_framework_kit
+ red_hat_directory_server: directory_server
+ serv-u:
+ vendor: solarwinds
+ squid_cache:
+ vendor: squid-cache
+ ssh_communications_security:
+ vendor: ssh
+ products:
+ ssh_tectia_server: tectia_server
+ standard_networks:
+ vendor: ipswitch
+ swagger:
+ vendor: smartbear
+ synology:
+ products:
+ dsm: diskstation_manager
+ tightvnc:
+ products:
+ desktop: tightvnc
+ tor_project:
+ vendor: torproject
+ traefik_labs:
+ vendor: containous
+ products:
+ traefik_proxy: traefik
+ twistedmatrix:
+ products:
+ twisted_web: twistedweb
+ ubiquiti:
+ vendor: ui
+ vandyke_software:
+ vendor: vandyke
+ vmware:
+ products:
+ zimbra: zimbra_desktop
+ vcenter: vcenter_server
+ x.org:
+ products:
+ x.org_x11: x11
+
+ # The following section contains CPE operating system or 'o' remappings. These will
+ # ONLY be used for mapping Recog 'os' attributes.
+ o:
+ alpine:
+ vendor: alpinelinux
+ products:
+ linux: alpine_linux
+ apple:
+ products:
+ ios: iphone_os
+ centos:
+ products:
+ linux: centos
+ check_point:
+ vendor: checkpoint
+ cisco:
+ products:
+ adaptive_security_appliance: adaptive_security_appliance_software
+ nam: network_analysis_module_software
+ pix: pix_firewall_software
+ telepresence: telepresence_video_communication_server_software
+ vpn_3000_concentrator: vpn_3000_concentrator_series_software
+ wireless_lan_controller: wireless_lan_controller_software
+ citrix:
+ products:
+ netscaler: netscaler_firmware
+ netscaler_gateway: netscaler_gateway_firmware
+ cumulus:
+ vendor: cumulusnetworks
+ data_domain:
+ vendor: dell
+ products:
+ dd_os: emc_data_domain_os
+ debian:
+ products:
+ linux: debian_linux
+ hp:
+ products:
+ ilo: integrated_lights-out_firmware
+ ilo_firmware: integrated_lights-out_firmware
+ ilo_2: integrated_lights-out_2_firmware
+ ilo_3: integrated_lights-out_3_firmware
+ ilo_4: integrated_lights-out_4_firmware
+ ilo_5: integrated_lights-out_5_firmware
+ tru64_unix: tru64
+ ibm:
+ products:
+ os/400: os_400
+ i5/os: i5os
+ juniper:
+ products:
+ junos_os: junos
+ linux:
+ products:
+ linux: linux_kernel
+ microsoft:
+ products:
+ windows_server_2003_datacenter_edition: windows_server_2003
+ windows_server_2003_r2: windows_server_2003
+ windows_2008_r2: windows_server_2008
+ windows_server_2008_datacenter_edition: windows_server_2008
+ windows_server_2008_r2: windows_server_2008
+ windows_server_2008_r2_datacenter_edition: windows_server_2008
+ windows_server_2012_r2: windows_server_2012
+ nt: windows_nt
+ windows_nt_desktop: windows_nt
+ windows_nt_server: windows_nt
+ windows_server_2000: windows_2000
+ windows_2000_server: windows_2000
+ windows_2000_datacenter_server: windows_2000
+ oracle:
+ products:
+ ilom: integrated_lights_out_manager_firmware
+ palo_alto_networks:
+ vendor: paloaltonetworks
+ red_hat:
+ vendor: redhat
+ products:
+ fedora_core_linux: fedora_core
+ sun:
+ products:
+ solaris: sunos
+ ubiquiti:
+ vendor: ui
+ ubuntu:
+ vendor: canonical
+ products:
+ linux: ubuntu_linux
+ vmware:
+ products:
+ photon_linux: photon_os
+ vmware_esx_server: esx
+ vmware_esxi_server: esxi
+ wind_river:
+ vendor: windriver
+
+ # The following section contains CPE hardware or 'h' remappings. These will
+ # ONLY be used for mapping Recog 'hw' attributes.
+ h:
+ cisco:
+ products:
+ nam: network_analysis_module
+ citrix:
+ products:
+ netscaler_sdx_gateway: netscaler_sdx
+ emc:
+ products:
+ celerra: celerra_network_attached_storage
+ hp:
+ products:
+ ilo: integrated_lights-out
+ tandberg:
+ vendor: cisco
+ ubiquiti:
+ vendor: ui
diff --git a/identifiers/hw_family.txt b/identifiers/hw_family.txt
index 0f32e14a..a8f86059 100644
--- a/identifiers/hw_family.txt
+++ b/identifiers/hw_family.txt
@@ -45,6 +45,7 @@ Multifunction
My Book
NE
NPort
+NetScaler
NetVanta
Netscaler
Network Audio
diff --git a/identifiers/hw_product.txt b/identifiers/hw_product.txt
index fa53f6d2..e9f0cf83 100644
--- a/identifiers/hw_product.txt
+++ b/identifiers/hw_product.txt
@@ -204,9 +204,12 @@ Mergepoint
Miniserver
My Book Live
N5172B Signal Generator
+NAM
NAS4Free
NFVIS
NPort
+NetScaler Gateway
+NetScaler SDX Gateway
NetScreen
NetVR
Netbox
@@ -332,6 +335,7 @@ iCOM Control Panel
iDRAC
iLO
iLO 3
+iLO 4
iMac (20/24-inch, Early 2008)
iMac (21.5-inch, 2017)
iMac (21.5-inch, Late 2012)
diff --git a/identifiers/os_product.txt b/identifiers/os_product.txt
index 4d17925f..f1f2c0fe 100644
--- a/identifiers/os_product.txt
+++ b/identifiers/os_product.txt
@@ -330,6 +330,7 @@ iDRAC Linux
iLO
iLO 2
iLO 3
+iLO 4
iOS
iScale
im
diff --git a/identifiers/service_product.txt b/identifiers/service_product.txt
index 27469777..380efd67 100644
--- a/identifiers/service_product.txt
+++ b/identifiers/service_product.txt
@@ -125,6 +125,7 @@ ESMTP
EWS
Ecelerity Mail Server
Elastic Load Balancer
+Elastic Load Balancing
EmWeb
Email Appliance
Email Security
@@ -277,7 +278,7 @@ MetaDirectory Server
Metabase
Metasploit
MiniDLNA
-MiniUPnP
+MiniUPnPd
MobaXterm
MoinMoin
Mongoose
@@ -389,6 +390,7 @@ Recursor
Red Hat Directory Server
Redmine
Reflection
+Reflection for Secure IT
ReflectionX
RemoteView
Resin
diff --git a/update_cpes.py b/update_cpes.py
index 570204ca..34a37ad4 100755
--- a/update_cpes.py
+++ b/update_cpes.py
@@ -16,8 +16,17 @@ def parse_cpe_vp_map(file):
parser = etree.XMLParser(remove_comments=False)
doc = etree.parse(file, parser)
namespaces = {'ns': 'http://cpe.mitre.org/dictionary/2.0', 'meta': 'http://scap.nist.gov/schema/cpe-dictionary-metadata/0.2'}
- for cpe_name in doc.xpath("//ns:cpe-list/ns:cpe-item/@name", namespaces=namespaces):
+ for entry in doc.xpath("//ns:cpe-list/ns:cpe-item", namespaces=namespaces):
+ cpe_name = entry.get("name")
+ if not cpe_name:
+ continue
+
+ # If the entry is deprecated then don't add it to our list of valid CPEs.
+ if entry.get("deprecated"):
+ continue
+
cpe_match = re.match('^cpe:/([aho]):([^:]+):([^:]+)', cpe_name)
+
if cpe_match:
cpe_type, vendor, product = cpe_match.group(1, 2, 3)
if cpe_type not in vp_map:
@@ -86,7 +95,11 @@ def lookup_cpe(vendor, product, cpe_type, cpe_table, remap):
# Everything else depends on a remap of some sort.
# get the remappings for this one vendor string.
- vendor_remap = remap.get(vendor, None)
+ vendor_remap = None
+
+ remap_type = remap.get(cpe_type, None)
+ if remap_type:
+ vendor_remap = remap_type.get(vendor, None)
if vendor_remap:
# If we have product remappings, work that angle next
diff --git a/xml/favicons.xml b/xml/favicons.xml
index 71110dba..b12509a0 100644
--- a/xml/favicons.xml
+++ b/xml/favicons.xml
@@ -237,6 +237,7 @@
+
@@ -1189,7 +1190,7 @@
-
+
@@ -1373,6 +1374,7 @@
+
@@ -1389,6 +1391,7 @@
+
@@ -1581,6 +1584,7 @@
+
@@ -1591,12 +1595,13 @@
-
+
+
diff --git a/xml/ftp_banners.xml b/xml/ftp_banners.xml
index 0962d79a..4e80b6ab 100644
--- a/xml/ftp_banners.xml
+++ b/xml/ftp_banners.xml
@@ -404,8 +404,6 @@ more text
-
-
SolarWinds Serv-U with version
Serv-U FTP Server v15.1.3.25 ready...
@@ -421,10 +419,10 @@ more text
Serv-U FTP-Server v2.5n for WinSock ready...
Serv-U FTP Server v6.0 for WinSock ready
-
+
-
+
@@ -436,10 +434,10 @@ more text
Serv-U FTP Server v7.2 ready...
Serv-U FTP Server v14.0 ready...
-
+
-
+
diff --git a/xml/html_title.xml b/xml/html_title.xml
index 421dbe8a..2d24fe1e 100644
--- a/xml/html_title.xml
+++ b/xml/html_title.xml
@@ -44,6 +44,7 @@
+
@@ -965,11 +966,12 @@
-
+
+
@@ -978,24 +980,38 @@
-
+
+
-
- HP Integrated Lights-Out 3+
- iLO 3
- iLO 4
+
+ HP Integrated Lights-Out 3
+ iLO 3
-
+
-
+
+
+
+
+
+ HP Integrated Lights-Out 4
+ iLO 4
+
+
+
+
+
+
+
+
@@ -1223,7 +1239,6 @@
-
@@ -1277,7 +1292,7 @@
-
+
@@ -1695,10 +1710,11 @@
- OpenStack Dashboard
+ OpenStack Horizon Dashboard
Login - OpenStack Dashboard
-
+
+
@@ -1815,7 +1831,7 @@
ManageEngine OpManager
-
+
@@ -1831,6 +1847,7 @@
ManageEngine ADAudit Plus
+
@@ -1889,11 +1906,17 @@
+
+
+
+
+
+
@@ -1903,11 +1926,17 @@
+
+
+
+
+
+
@@ -1922,6 +1951,11 @@
+
+
+
+
+
@@ -2492,7 +2526,7 @@
-
+
diff --git a/xml/http_cookies.xml b/xml/http_cookies.xml
index cd42dba9..e6c40510 100644
--- a/xml/http_cookies.xml
+++ b/xml/http_cookies.xml
@@ -12,6 +12,7 @@
+
@@ -198,7 +199,7 @@
-
+
@@ -222,6 +223,7 @@
+
diff --git a/xml/http_servers.xml b/xml/http_servers.xml
index c29286b4..8adbdc76 100644
--- a/xml/http_servers.xml
+++ b/xml/http_servers.xml
@@ -1364,13 +1364,13 @@
-
+