CPE 2.3 Naming: CPE Naming


Naming

The CPE 2.3 Naming Specification defines standardized methods for assigning names to IT product classes. An example is the following name representing Microsoft Internet Explorer 8.0.6001 Beta:

wfn:[part="a",vendor="microsoft",product="internet_explorer",
version="8.0.6001",update="beta"]

This method of naming is known as a well-formed CPE name (WFN). It is an abstract logical construction. The CPE Naming Specification defines procedures for binding WFNs to machine-readable encodings, as well as unbinding those encodings back to WFNs. One of the bindings, called a Uniform Resource Identifier (URI) binding, is included in CPE 2.3 for backward compatibility with CPE 2.2 (see the CPE Archive). The URI binding representation of the WFN above is:

cpe:/a:microsoft:internet_explorer:8.0.6001:beta

The Official CPE Dictionary published and maintained by NIST contains an authoritative enumeration of CPE names in the URI binding representation.

The second binding defined in CPE 2.3 is called a formatted string binding. It has a somewhat different syntax than the URI binding, and it also supports additional product attributes. With the formatted string binding, the WFN above can be represented by the following:

cpe:2.3:a:microsoft:internet_explorer:8.0.6001:beta:*:*:*:*:*:*

The WFN concept and the bindings defined by the CPE Naming specification are the fundamental building blocks at the core of all CPE functionality.

CPE 2.3 Naming Specification Document and CPE Reference Implementation

Go to the Downloads section below to download the entire CPE 2.3 Naming Specification document, NIST IR 7695. Also available is a zip file of MITRE’s CPE Reference Implementation of the procedures specified in NIST IR 7695 for binding and unbinding WFNs.

Dictionary

The CPE 2.3 Dictionary Specification defines a standardized method for creating and managing CPE dictionaries. A dictionary is a repository of CPE names and metadata associated with the names. Each CPE name in the dictionary identifies a single class of IT product in the world. The word "class" here signifies that the object identified is not a physical instantiation of a product on a system, but rather the abstract model of that product. Although organizations may use a CPE name to represent either a single product class or a set of multiple product classes, a CPE dictionary stores only bound forms of well-formed CPE names (WFNs) that identify a single product class, not a set of product classes. These single product-class WFNs in bound form are referred to as identifier names. An example of a WFN and its bound forms is shown below.

WFN:
wfn:[part="o",vendor="microsoft",product="windows_vista",version="6\.0", update="sp1",edition=NA,language=NA,sw_edition="home_premium", target_sw=NA,target_hw="x64",other=NA]
WFN bound to a URI:
cpe:/o:microsoft:windows_vista:6.0:sp1:~-~home_premium~-~x64~-
WFN bound to a formatted string:
cpe:2.3:o:microsoft:windows_vista:6.0:sp1:-:-:home_premium:-:x64:-

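If you look at the CPE 2.3 XML, you may notice that it contains a lot of `*` characters.

The complete rule is roughly as follows:
cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
cpe:2.3:part:vendor:product:version:update:edition:language:sw_edition:target_sw:target_hw:other
Here, part indicates the target type, and the allowed values are a (application), h (hardware platform) and o (operating system); vendor indicates the vendor?; product is the product name; version is the version number; update is the update package; edition is the edition; language is the language.
The following is my personal guess:
sw_edition: software edition?
target_sw: target software version?
target_hw: target hardware version?
other: other information / notes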
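The attribute order above can be applied mechanically. The following is an added example, not code from the original post or from MITRE's reference implementation: it splits a CPE 2.3 formatted string into the eleven named attributes, maps `*` to the logical value ANY and `-` to NA, and keeps backslash-escaped colons inside a value. The names `parse_fs` and `split_unescaped` are hypothetical, and values are returned as written in the string (the WFN quoting step of the full unbinding procedure in NIST IR 7695 is not performed).

```python
# Added example: split a CPE 2.3 formatted string into named attributes.
ATTRS = ["part", "vendor", "product", "version", "update", "edition",
         "language", "sw_edition", "target_sw", "target_hw", "other"]

ANY, NA = "ANY", "NA"  # logical values, written "*" and "-" in the string


def split_unescaped(s, sep=":"):
    # Split on sep, but never inside a backslash escape such as "\:".
    fields, cur, i = [], [], 0
    while i < len(s):
        if s[i] == "\\" and i + 1 < len(s):
            cur.append(s[i:i + 2])  # keep the escape pair together
            i += 2
        elif s[i] == sep:
            fields.append("".join(cur))
            cur = []
            i += 1
        else:
            cur.append(s[i])
            i += 1
    fields.append("".join(cur))
    return fields


def parse_fs(fs):
    prefix = "cpe:2.3:"
    if not fs.startswith(prefix):
        raise ValueError("not a CPE 2.3 formatted string")
    fields = split_unescaped(fs[len(prefix):])
    if len(fields) != len(ATTRS):
        raise ValueError(f"expected {len(ATTRS)} attributes, got {len(fields)}")
    if "" in fields:
        # An empty field usually means "*" characters were stripped in transit.
        raise ValueError("empty attribute (use '*' for ANY or '-' for NA)")
    if fields[0] not in ("a", "h", "o", "*", "-"):
        raise ValueError(f"invalid part {fields[0]!r}")
    return {name: ANY if v == "*" else NA if v == "-" else v
            for name, v in zip(ATTRS, fields)}


if __name__ == "__main__":
    # Sample taken from the text above.
    for k, v in parse_fs(
            "cpe:2.3:o:microsoft:windows_vista:6.0:sp1:-:-:home_premium:-:x64:-"
    ).items():
        print(f"{k:11} {v}")
```
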


posted @ 2019-08-16 15:11  BigOrang