merge CNA Rules changes from dev

alinh-mitre · alinh-mitre · commit 629d6cdb2f1a · 2021-05-10T10:35:30.000-04:00
diff --git a/src/assets/data/boardCharter.json b/src/assets/data/boardCharter.json
@@ -13,7 +13,7 @@
 	 },
 	 {"subSectionId": "member_backgrounds",
           "subSectionTitle": "Board Member Backgrounds",
-	  "subSectionParagraphs": ["Board members are not limited to but traditionally fit into one or more of the following categories:<ul><li><b>Technical Implementers</b> provide input and guidance regarding the creation, design, review, maintenance, and applications of CVE List entries (<a href='/ResourcesSupport/FAQs#pc_cve_recordswhat_is_cve_record' target='_blank'>CVE Entries</a>). This may include individuals who integrate CVE Entries into products, such as content and development engineers working for product vendors, and others who consume CVE Entries.</li><li><b>Subject Matter Experts (SMEs)</b> represent a significant constituency related to &mdash; or affected by &mdash; CVE, and are domain experts in the vulnerability management and reporting field. These members may include representatives from product vendors who represent the needs of their company, such as PSIRT team members, or product managers and product strategists who are representing customers.</li><li><b>Advocates</b> actively support or promote CVE in a highly visible fashion. These individuals are respected leaders within the security community who help bring credibility to CVE and give it a wider reach outside of the security community.</li></ul>"],
+	  "subSectionParagraphs": ["Board members are not limited to but traditionally fit into one or more of the following categories:<ul><li><b>Technical Implementers</b> provide input and guidance regarding the creation, design, review, maintenance, and applications of CVE List records (<a href='/ResourcesSupport/FAQs#pc_cve_recordswhat_is_cve_record' target='_blank'>CVE Records</a>). This may include individuals who integrate CVE Records into products, such as content and development engineers working for product vendors, and others who consume CVE Records.</li><li><b>Subject Matter Experts (SMEs)</b> represent a significant constituency related to &mdash; or affected by &mdash; CVE, and are domain experts in the vulnerability management and reporting field. These members may include representatives from product vendors who represent the needs of their company, such as PSIRT team members, or product managers and product strategists who are representing customers.</li><li><b>Advocates</b> actively support or promote CVE in a highly visible fashion. These individuals are respected leaders within the security community who help bring credibility to CVE and give it a wider reach outside of the security community.</li></ul>"],
 	  "subSubSections":[]
 	 },
 	 {"subSectionId": "structure",
diff --git a/src/assets/data/cnaRules.json b/src/assets/data/cnaRules.json
@@ -5,8 +5,8 @@
     "pageSections": [
     {"sectionId": "section_1_introduction",
      "sectionTitle": "Introduction",
-     "sectionParagraphs": ["CVE® is a list of information security vulnerabilities and exposures that provides common identifiers for publicly known cybersecurity vulnerabilities. CVE makes it possible to share data across separate vulnerability capabilities (cybersecurity tools, repositories, and services) with this common enumeration. The use of <a href='/ResourcesSupport/FAQs#pc_cve_recordswhat_is_cve_record'>CVE Records</a> ensures that two or more parties can confidently refer to a <a href='/ResourcesSupport/FAQs#pc_cve_id_requestswhat_is_cve_id'>CVE Identifier (CVE ID)</a> when discussing or sharing information about a unique vulnerability. In this way, CVE is fundamental to the vulnerability management infrastructure.",
-			   "The CVE Program’s primary challenge is to satisfy the demand for timely, accurate CVE ID assignments and CVE Record Publishing, while rapidly expanding the scope of coverage to address the increasing number of vulnerabilities and evolving state of vulnerability management. The CVE Program is overseen by the <a href='/ProgramOrganization/Board'>CVE Board</a> (hereinafter the Board). To address the CVE Program's scalability challenge, the Board determined that the CVE Program must be federated and that CVE Records should be produced both more quickly and in a more decentralized manner."],
+     "sectionParagraphs": ["CVE<sup>®</sup> is a list of information security vulnerabilities and exposures that provides common identifiers for publicly known cybersecurity vulnerabilities. CVE makes it possible to share data across separate vulnerability capabilities (cybersecurity tools, repositories, and services) with this common enumeration. The use of <a href='/ResourcesSupport/FAQs#pc_cve_recordswhat_is_cve_record'>CVE Records</a> ensures that two or more parties can confidently refer to a <a href='/ResourcesSupport/FAQs#pc_cve_id_requestswhat_is_cve_id'>CVE Identifier (CVE ID)</a> when discussing or sharing information about a unique vulnerability. In this way, CVE is fundamental to the vulnerability management infrastructure.",
+			   "The CVE Program’s primary challenge is to satisfy the demand for timely, accurate CVE ID assignments and CVE Record publishing, while rapidly expanding the scope of coverage to address the increasing number of vulnerabilities and evolving state of vulnerability management. The CVE Program is overseen by the <a href='/ProgramOrganization/Board'>CVE Board</a> (hereinafter the Board). To address the CVE Program's scalability challenge, the Board determined that the CVE Program must be federated and that CVE Records should be produced both more quickly and in a more decentralized manner."],
      "subSections": [
 	 {"subSectionId": "section_1-1_cnas",
 	  "subSectionTitle": "CVE Numbering Authorities (CNAs)",
diff --git a/src/assets/data/faqs.json b/src/assets/data/faqs.json
@@ -7,7 +7,7 @@
 				"questionId": "what_is_cve",
 				"questionText": "What is CVE",
 				"questionResponseParagraphs": [
-					"The mission of the Common Vulnerability and Enumeration (CVE®) Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.",
+					"The mission of the Common Vulnerability and Enumeration (CVE<sup>®</sup>) Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.",
 					"See the <a href='/About/Overview'>Overview</a> page for additional information."
 				]
 			},
diff --git a/src/assets/data/navigation.json b/src/assets/data/navigation.json
@@ -277,7 +277,7 @@
     "id": "5",
     "label": "Resources & Support",
     "path": "ResourcesSupport",
-    "primaryNavPath": "/ResourcesSupport/ReportRequest",
+    "primaryNavPath": "/ResourcesSupport/Resources",
     "submenu": {
       "Resources": {
         "id": "5.0",
diff --git a/src/components/FooterModule.vue b/src/components/FooterModule.vue
@@ -72,7 +72,7 @@
     </div>
     <div class="content">
       <p>
-        Use of the CVE® List and the associated references from this website are subject to the
+        Use of the CVE<sup>®</sup> List and the associated references from this website are subject to the
         <router-link to="/Legal/TermsOfUse">terms of use</router-link>. CVE is sponsored by the
         <a href="https://www.dhs.gov/">U.S. Department of Homeland Security (DHS)
           <span class="icon cve-icon-xxs">
diff --git a/src/views/About/History.vue b/src/views/About/History.vue
@@ -6,7 +6,9 @@
           <div class="content">
             <h1 :id="cvenavs['About']['submenu']['History']" class="title">
             {{cvenavs['About']['submenu']['History']['label']}}</h1>
-            <p class="cve-help-text">Most of the links below will take you to external websites; these links
+            <p class="cve-help-text">Most of the links below will take you to external websites
+            <span class="icon cve-icon-xxs help-text-icon"><font-awesome-icon icon="external-link-alt" aria-labelledby="extenalSiteLinks"/>
+            </span>; these links
               will open in a new window or tab depending on your browser.</p>
             <h2 :id="cvenavs['About']['submenu']['History']['items']['Overview']['anchorId']" class="title cve-heading-top-spacing">
             {{cvenavs['About']['submenu']['History']['items']['Overview']['label']}}</h2>
diff --git a/src/views/About/Overview.vue b/src/views/About/Overview.vue
@@ -11,7 +11,7 @@
               {{cvenavs['About']['submenu']['Overview']['items']['About the CVE Program']['label']}}
             </h2>
             <p>
-              The mission of the CVE® Program is to identify,
+              The mission of the CVE<sup>®</sup> Program is to identify,
               define, and catalog publicly disclosed cybersecurity
               <router-link to="/About/Glossary?activeTerm=glossaryVulnerability">vulnerabilities</router-link>. There is one
               <router-link to="/About/Glossary?activeTerm=glossaryRecord">CVE Record</router-link> for each
@@ -30,7 +30,7 @@
                 </iframe>
               </figure>
               <p>
-                Introduction to the CVE® Program, including what is CVE, goals of the program, who operates the
+                Introduction to the CVE<sup>®</sup> Program, including what is CVE, goals of the program, who operates the
                 program, and program organization.
               </p>
             </div>
diff --git a/src/views/About/RelatedEfforts.vue b/src/views/About/RelatedEfforts.vue
@@ -7,6 +7,10 @@
              <h1 :id="cvenavs['About']['submenu']['Related Efforts']['id']" class="title">
               {{cvenavs['About']['submenu']['Related Efforts']['label']}}
              </h1>
+            <p class="cve-help-text">Most of the links below will take you to external
+              websites <span class="icon cve-icon-xxs"><font-awesome-icon icon="external-link-alt" aria-labelledby="extenalSiteLinks"/>
+              </span>; these links will open in a new window or tab depending on your browser.</p>
+            <p>
              <h2 :id="cvenavs['About']['submenu']['Related Efforts']['items']['National Vulnerability Database (NVD)']['anchorId']"
               class="title cve-heading-top-spacing">
                {{cvenavs['About']['submenu']['Related Efforts']['items']['National Vulnerability Database (NVD)']['label']}}</h2>
@@ -111,7 +115,7 @@
               {{cvenavs['About']['submenu']['Related Efforts']['items']['Adversarial Tactics, Techniques & Common Knowledge (ATT&CK)']['label']}}
             </h2>
             <p>
-              <a href="https://attack.mitre.org/" target="_blank">ATT&CK®</a> is a knowledge base of cyber adversary behavior and taxonomy
+              <a href="https://attack.mitre.org/" target="_blank">ATT&CK<sup>®</sup></a> is a knowledge base of cyber adversary behavior and taxonomy
               for adversarial
               actions across their lifecycle. Some “Techniques” listed in ATT&CK, which define how an adversary achieves a tactical goal by
               performing an action, target specific CVE Records. For example, the <a href="https://attack.mitre.org/techniques/T1068/"
diff --git a/src/views/Downloads.vue b/src/views/Downloads.vue
@@ -122,29 +122,29 @@
                     XML Files By Year:
                   </p>
                   <ul class="mt-0 tile-body cve-task-tile-list cve-list-no-bullet">
-                    <li><a href="/data/downloads/allitems-cvrf-year-2021.xml">CVE-2021-xxxxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2020.xml">CVE-2020-xxxxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2019.xml">CVE-2019-xxxxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2018.xml">CVE-2018-xxxxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2017.xml">CVE-2017-xxxxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2016.xml">CVE-2016-xxxxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2015.xml">CVE-2015-xxxxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2014.xml">CVE-2014-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2013.xml">CVE-2013-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2012.xml">CVE-2012-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2011.xml">CVE-2011-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2010.xml">CVE-2010-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2009.xml">CVE-2009-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2008.xml">CVE-2008-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2007.xml">CVE-2007-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2006.xml">CVE-2006-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2005.xml">CVE-2005-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2004.xml">CVE-2004-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2003.xml">CVE-2003-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2002.xml">CVE-2002-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2001.xml">CVE-2001-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-2000.xml">CVE-2000-xxxx records</a></li>
-                    <li><a href="/data/downloads/allitems-cvrf-year-1999.xml">CVE-1999-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2021.xml">CVE-2021-xxxxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2020.xml">CVE-2020-xxxxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2019.xml">CVE-2019-xxxxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2018.xml">CVE-2018-xxxxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2017.xml">CVE-2017-xxxxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2016.xml">CVE-2016-xxxxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2015.xml">CVE-2015-xxxxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2014.xml">CVE-2014-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2013.xml">CVE-2013-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2012.xml">CVE-2012-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2011.xml">CVE-2011-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2010.xml">CVE-2010-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2009.xml">CVE-2009-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2008.xml">CVE-2008-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2007.xml">CVE-2007-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2006.xml">CVE-2006-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2005.xml">CVE-2005-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2004.xml">CVE-2004-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2003.xml">CVE-2003-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2002.xml">CVE-2002-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2001.xml">CVE-2001-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-2000.xml">CVE-2000-xxxx records</a></li>
+                    <li><a href="https://cve.mitre.org/data/downloads/allitems-cvrf-year-1999.xml">CVE-1999-xxxx records</a></li>
                   </ul>
                 </article>
               </div>
diff --git a/src/views/Home.vue b/src/views/Home.vue
@@ -6,7 +6,7 @@
     <div class="container cve-mission-container mt-1">
       <h1 class="title is-hidden">CVE</h1>
       <h2 class="title cve-heading-top-spacing">
-        CVE® Program Mission
+        CVE<sup id="cve-mission-trademark">®</sup> Program Mission
       </h2>
       <div id="cve-mission-text" class="subtitle">
         Identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.
@@ -124,4 +124,8 @@ export default {
 .cve-margin-top-neg7 {
   margin-top: -7px !important;
 }
+
+#cve-mission-trademark {
+  font-size: 18px;
+}
 </style>
diff --git a/src/views/Legal/TermsOfUse.vue b/src/views/Legal/TermsOfUse.vue
@@ -8,7 +8,7 @@
             <h2 class="title">License</h2>
             <p>
               <span class="has-text-weight-bold">Submissions:</span> For all materials you submit to the Common Vulnerabilities
-              and Exposures (CVE®), you hereby grant to The MITRE Corporation (MITRE) and all
+              and Exposures (CVE<sup>®</sup>), you hereby grant to The MITRE Corporation (MITRE) and all
               CVE Numbering Authorities (CNAs) a perpetual, worldwide, non-exclusive, no-charge,
               royalty-free, irrevocable copyright license to reproduce, prepare derivative works
               of, publicly display, publicly perform, sublicense, and distribute such materials
@@ -23,7 +23,7 @@
             non-exclusive, no-charge, royalty-free, irrevocable copyright license
             to reproduce, prepare derivative works of, publicly display, publicly
             perform, sublicense, and distribute Common Vulnerabilities and Exposures
-            (CVE®). Any copy you make for such purposes is authorized provided that
+            (CVE<sup>®</sup>). Any copy you make for such purposes is authorized provided that
             you reproduce MITRE's copyright designation and this license in any such
             copy.
             </p>
diff --git a/src/views/Media/NewsItem.vue b/src/views/Media/NewsItem.vue
@@ -9,7 +9,9 @@
           <div class="content" v-else>
             <h1 class="title">{{newsItem.title}}</h1>
             <p class="cve-help-text">
-              Most of the links below will take you to external websites; these links will open in a new window or tab depending on your browser.
+              Most of the links below will take you to external websites <span class="icon cve-icon-xxs help-text-icon">
+              <font-awesome-icon icon="external-link-alt" aria-labelledby="extenalSiteLinks"/>
+              </span>; these links will open in a new window or tab depending on your browser.
             </p>
             <span class ="level is-mobile has-text-grey-dark mb-3">
               <div class ="level-left">
diff --git a/src/views/PartnerInformation/PartnerDetails.vue b/src/views/PartnerInformation/PartnerDetails.vue
@@ -5,7 +5,9 @@
         <main id="cve-main-page-content" role="main">
           <div class="content">
             <h1 class="title">{{partner.organizationName}}</h1>
-            <p class="cve-help-text">Most of the links below will take you to external websites; these links will open
+            <p class="cve-help-text">Most of the links below will take you to external websites <span class="icon cve-icon-xxs help-text-icon">
+              <font-awesome-icon icon="external-link-alt" aria-labelledby="extenalSiteLinks"/>
+              </span>; these links will open
               in a new window or tab depending on your browser settings.</p>
             <table class="table cve-border-dark-blue is-striped is-hoverable">
               <caption class="is-hidden">{{partner.organizationName}}</caption>
diff --git a/src/views/ProgramOrganization/Board.vue b/src/views/ProgramOrganization/Board.vue

Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,7 @@`
`7`	`7`	`"questionId": "what_is_cve",`
`8`	`8`	`"questionText": "What is CVE",`
`9`	`9`	`"questionResponseParagraphs": [`
`10`		`- "The mission of the Common Vulnerability and Enumeration (CVE®) Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.",`
	`10`	`+ "The mission of the Common Vulnerability and Enumeration (CVE<sup>®</sup>) Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.",`
`11`	`11`	`"See the <a href='/About/Overview'>Overview</a> page for additional information."`
`12`	`12`	`]`
`13`	`13`	`},`