[ 'title' => PluginCveCve::getTypeName(), 'page' => '/plugins/cve/front/cve.php', 'icon' => 'fas fa-shield-alt', ], 'cvesource' => [ 'title' => PluginCveCveSource::getTypeName(), 'page' => '/plugins/cve/front/cvesource.php', 'icon' => 'fas fa-database', ], 'cverule' => [ 'title' => PluginCveCveRule::getTypeName(), 'page' => '/plugins/cve/front/cverule.php', 'icon' => 'fas fa-cogs', ] ]; $menu['options']['dashboard'] = [ 'title' => __('Dashboard', 'cve'), 'page' => '/plugins/cve/front/dashboard.php', 'icon' => 'fas fa-tachometer-alt', ]; // Add inventory and alerts menu items if (Session::haveRight('plugin_cve_inventory', READ)) { $menu['options']['inventory'] = [ 'title' => PluginCveCveInventory::getTypeName(), 'page' => '/plugins/cve/front/inventory.php', 'icon' => 'fas fa-laptop', ]; } if (Session::haveRight('plugin_cve_alert', READ)) { $menu['options']['alert'] = [ 'title' => PluginCveCveAlert::getTypeName(), 'page' => '/plugins/cve/front/alert.php', 'icon' => 'fas fa-exclamation-triangle', ]; } } return $menu; } /** * Get main tabs * * @param array $options * @return array */ function getTabNameForItem(CommonGLPI $item, $withtemplate = 0) { if ($item->getType() == 'Ticket') { if (PluginCveCve::canView()) { return [1 => __('CVEs', 'cve')]; } } // Add tab to software if ($item->getType() == 'Software' && Session::haveRight('plugin_cve_inventory', READ)) { return [1 => __('Vulnerabilities', 'cve')]; } return []; } /** * Display tabs content * * @param CommonGLPI $item * @param int $tabnum * @param int $withtemplate * @return boolean */ static function displayTabContentForItem(CommonGLPI $item, $tabnum = 1, $withtemplate = 0) { if ($item->getType() == 'Ticket') { PluginCveCveTicket::showForTicket($item); return true; } if ($item->getType() == 'Software') { self::showVulnerabilitiesForSoftware($item); return true; } return false; } /** * Show vulnerabilities for a software * * @param Software $software Software object * @return void */ static function showVulnerabilitiesForSoftware(Software $software) { global $DB; $ID = $software->getField('id'); echo "
"; // Get vulnerabilities for this software $query = "SELECT a.*, c.cve_id, c.severity AS cve_severity, c.cvss_score, c.description, v.name AS version_name FROM `glpi_plugin_cve_alerts` AS a LEFT JOIN `glpi_plugin_cve_cves` AS c ON c.id = a.cves_id LEFT JOIN `glpi_softwareversions` AS v ON v.id = a.softwareversions_id WHERE a.softwares_id = $ID ORDER BY c.severity DESC, c.cvss_score DESC"; $result = $DB->query($query); if ($result && $DB->numrows($result) > 0) { echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; while ($data = $DB->fetchAssoc($result)) { echo ""; // CVE ID echo ""; // Version echo ""; // Severity echo ""; // CVSS Score echo ""; // Description echo ""; // Status echo ""; echo ""; } echo "
" . __('Vulnerabilities', 'cve') . "
" . __('CVE ID', 'cve') . "" . __('Version', 'cve') . "" . __('Severity', 'cve') . "" . __('CVSS Score', 'cve') . "" . __('Description', 'cve') . "" . __('Status', 'cve') . "
"; echo ""; echo $data['cve_id']; echo ""; echo ""; echo $data['version_name']; echo ""; echo ""; echo $data['severity']; echo ""; echo ""; echo $data['cvss_score']; echo ""; echo Html::resume_text($data['description'], 100); echo ""; echo $data['status']; if ($data['tickets_id'] > 0) { echo " ("; echo ""; echo __('Ticket', 'cve') . " #" . $data['tickets_id']; echo ""; echo ")"; } echo "
"; } else { echo ""; echo ""; echo ""; echo "
" . __('Vulnerabilities', 'cve') . "
" . __('No vulnerabilities found for this software', 'cve') . "
"; } // Manual scan button if (Session::haveRight("plugin_cve_inventory", UPDATE)) { echo "
"; echo "
"; echo ""; Html::closeForm(); echo "
"; } echo "
"; } }