SCAP Content Validation Results

Validation Result: PASS
Submitted Resource: R1100-scap11.zip (SHA-256 : 1A489A939269F8D8BCC5643379DC75E370D3329D5538DE2FDF9CA310BABF127D)
Validation Time: 2016-03-30T14:57:21
Tool Version: scapval-1.2.1.13

r1100-scap11-win_rhel-cpe-oval.xml

Requirement Count Level Type Description Location Test
A21 1
(of 1)
INFO SCHEMATRON oval:gov.nist.validation.cpe.oval:tst:101 - The OVAL test type is not checked in the NIST SCAP Validation Program. /*:oval_definitions[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][1]/*:tests[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][1]/*:rpminfo_test[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5#linux'][1] exists(document(concat('','/validation_program_oval_test_types.xml'))/test_types/test_type[@namespace eq namespace-uri(current()) and @name eq local-name(current())])

r1100-scap11-win_rhel-patches.xml

Requirement Count Level Type Description Location Test
211-1 1
(of 5)
WARN SCHEMATRON oval:gov.nist.validation.r1100_scap11_win_rhel.patch:def:1 - Issue a warning if an OVAL patch class does not reference a CVE. /*:oval_definitions[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][1]/*:definitions[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][1]/*:definition[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][1] if( @class eq 'patch' ) then exists(current()//oval-def:reference[matches(@source,'^(CVE|http://cve.mitre.org)$')]) else true()
211-1 1
(of 5)
WARN SCHEMATRON oval:gov.nist.validation.r1100_scap11_win_rhel.patch:def:2 - Issue a warning if an OVAL patch class does not reference a CVE. /*:oval_definitions[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][1]/*:definitions[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][1]/*:definition[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][2] if( @class eq 'patch' ) then exists(current()//oval-def:reference[matches(@source,'^(CVE|http://cve.mitre.org)$')]) else true()
211-1 1
(of 5)
WARN SCHEMATRON oval:gov.nist.validation.r1100_scap11_win_rhel.patch:def:3 - Issue a warning if an OVAL patch class does not reference a CVE. /*:oval_definitions[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][1]/*:definitions[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][1]/*:definition[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][3] if( @class eq 'patch' ) then exists(current()//oval-def:reference[matches(@source,'^(CVE|http://cve.mitre.org)$')]) else true()
211-1 1
(of 5)
WARN SCHEMATRON oval:gov.nist.validation.r1100_scap11_win_rhel.patch:def:4 - Issue a warning if an OVAL patch class does not reference a CVE. /*:oval_definitions[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][1]/*:definitions[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][1]/*:definition[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][4] if( @class eq 'patch' ) then exists(current()//oval-def:reference[matches(@source,'^(CVE|http://cve.mitre.org)$')]) else true()
211-1 1
(of 5)
WARN SCHEMATRON oval:gov.nist.validation.r1100_scap11_win_rhel.patch:def:5 - Issue a warning if an OVAL patch class does not reference a CVE. /*:oval_definitions[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][1]/*:definitions[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][1]/*:definition[namespace-uri()='http://oval.mitre.org/XMLSchema/oval-definitions-5'][5] if( @class eq 'patch' ) then exists(current()//oval-def:reference[matches(@source,'^(CVE|http://cve.mitre.org)$')]) else true()

r1100-scap11-win_rhel-xccdf.xml

Requirement Count Level Type Description Location Test
251-1 1
(of 3)
WARN SCHEMATRON r1100_scap11_win_rhel_validation_rule_6 - An xccdf:Rule should include an xccdf:ident containing a CVE, CCE, or CPE /*:Benchmark[namespace-uri()='http://checklists.nist.gov/xccdf/1.1'][1]/*:Rule[namespace-uri()='http://checklists.nist.gov/xccdf/1.1'][1] exists(xccdf:ident[matches(@system,'^(CCE|http://cce.mitre.org|CVE|http://cve.mitre.org|CPE|http://cpe.mitre.org)$')])
251-1 1
(of 3)
WARN SCHEMATRON r1100_scap11_win_rhel_validation_rule_7 - An xccdf:Rule should include an xccdf:ident containing a CVE, CCE, or CPE /*:Benchmark[namespace-uri()='http://checklists.nist.gov/xccdf/1.1'][1]/*:Rule[namespace-uri()='http://checklists.nist.gov/xccdf/1.1'][2] exists(xccdf:ident[matches(@system,'^(CCE|http://cce.mitre.org|CVE|http://cve.mitre.org|CPE|http://cpe.mitre.org)$')])
251-1 1
(of 3)
WARN SCHEMATRON security_patches_up_to_date - An xccdf:Rule should include an xccdf:ident containing a CVE, CCE, or CPE /*:Benchmark[namespace-uri()='http://checklists.nist.gov/xccdf/1.1'][1]/*:Group[namespace-uri()='http://checklists.nist.gov/xccdf/1.1'][4]/*:Rule[namespace-uri()='http://checklists.nist.gov/xccdf/1.1'][1] exists(xccdf:ident[matches(@system,'^(CCE|http://cce.mitre.org|CVE|http://cve.mitre.org|CPE|http://cpe.mitre.org)$')])