Cisco Cisco Firepower Management Center 4000 Entwickleranleitung

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

563

Understanding Legacy Data Structures

Legacy Discovery Data Structures

Appendix B

Legacy Vulnerability Blocks

See the following sections for more information:

User Vulnerability Data Block 4.7 - 4.10.x

The User Vulnerability data block describes a vulnerability and is used within User 

Vulnerability Change data blocks, which in turn are used in User Set Valid 

Vulnerabilities events (event type 1002, subtype 1) and User Set Invalid 

Vulnerabilities events (event type 1002, subtype 2). The User Vulnerability data 

block has a block type of 79. For more information on User Vulnerability Change 

data blocks, see 

 on page 285.

The following diagram shows the format of a User Vulnerability data block:

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

User Vulnerability Block Type (79)

User Vulnerability Block Length

IP Range  Spec Blocks

Generic List Block Type (31)

Generic List Block Length

IP Range Specification Data Blocks...*

Port

Protocol

Vulnerability ID

UU

ID

UUID

UUID cont.

UUID cont.

UUID cont.

String Block Type (0)

String Block Length

Vulnerability String...