From c756842b198ca6a4cf55ac0d841c7118dae4858f Mon Sep 17 00:00:00 2001
From: Karsten Klein <karsten.klein@metaeffekt.com>
Date: Mon, 18 Mar 2024 09:36:39 +0100
Subject: [PATCH] Adding examples for OpenChain webinar

---
 .../assessment/auto-assessment.yaml               | 15 ++++++++++++---
 .../windows11-advisor/assessment/baseline.yaml    |  2 +-
 .../context/CTX_privilege-escalation.yaml         |  2 ++
 3 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/advisors/windows11-advisor/assessment/auto-assessment.yaml b/advisors/windows11-advisor/assessment/auto-assessment.yaml
index 0d8eead..730f442 100755
--- a/advisors/windows11-advisor/assessment/auto-assessment.yaml
+++ b/advisors/windows11-advisor/assessment/auto-assessment.yaml
@@ -6,6 +6,13 @@ history:
     author: KKL
     rationale: "<p>
         This vulnerability affects ${msrc.product.name} (Product Id: ${msrc.product.id}).
+      </p>
+      <p>
+        The windows workstations are integrated in a dedicated network. No access from external is possible
+        (CVSSv2: AV:A; CVSSv3/CVSSv4: MAV:A).
+      </p>
+      <p>
+        Official fix available (CVSSv2/CVSSv3: RL:O).
       </p>"
     measures: "<lq>
         For this vulnerability security patches are available.
@@ -16,8 +23,10 @@ history:
 affects:
   condition: '[attribute "msrc-fixes" is not empty] and [advisor providers contains "MSRC"]'
 
-# add information on CVSSv2.0 and CVSSv3.1 that an official fix is available
+# add information on CVSSv2.0 and CVSSv3.1 baseline that an official fix is available
 cvssV2:
-  lower: RL:O
+  lower: AV:A/RL:O
 cvssV3:
-  lower: RL:O
+  lower: MAV:A/RL:O
+cvssV4:
+  lower: MAV:A
\ No newline at end of file
diff --git a/advisors/windows11-advisor/assessment/baseline.yaml b/advisors/windows11-advisor/assessment/baseline.yaml
index 75726a0..84f8722 100755
--- a/advisors/windows11-advisor/assessment/baseline.yaml
+++ b/advisors/windows11-advisor/assessment/baseline.yaml
@@ -3,7 +3,7 @@ history:
   - rationale:
       "<p>
         The windows workstations are integrated in a dedicated network. No access from external is possible
-        ().
+        (CVSSv2: AV:A; CVSSv3/CVSSV4: MAV:A).
       </p>"
     date: 2024-02-29
     author: KKL
diff --git a/advisors/windows11-advisor/context/CTX_privilege-escalation.yaml b/advisors/windows11-advisor/context/CTX_privilege-escalation.yaml
index 01250bb..8b730cc 100755
--- a/advisors/windows11-advisor/context/CTX_privilege-escalation.yaml
+++ b/advisors/windows11-advisor/context/CTX_privilege-escalation.yaml
@@ -6,6 +6,8 @@ sets:
       - amount: 1
         keywords:
           - privilege escalation
+          - privilege elevation
+          - elevation of privilege
           - jailbreak
           - container escape
           - to access any other file