Cisco Cisco Firepower Management Center 4000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
285
Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Chapter 4
User Vulnerability Change Data Block 4.7+
The User Vulnerability Change data block contains a list of deactivated
vulnerabilities for the host, the identification number for the user who deactivated
the vulnerabilities, information about the source that supplied the vulnerability
changes, and the criticality value. The User Vulnerability Change data block has a
block type of 80 in the series 1 group of blocks. Changes from the previous User
Vulnerability Change data block include a new source type field and the use of the
Generic list data block instead of the List data block to store vulnerability
deactivations. This data block is used in user vulnerability change messages as
page 216.
The following diagram shows the basic structure of a User Vulnerability Change
The following diagram shows the basic structure of a User Vulnerability Change
data block:
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
User Vulnerability Change Data Block Type (80)
User Vulnerability Change Block Length
Source ID
Source Type
Vu
ln Ack Bloc
ks
Generic List Block Type (31)
Generic List Block Length
User Vulnerability Data Blocks...*