Documentation for Open Vulnerability and Assessment Language (OVAL®)
Definition Type: Element
Name: configuration
Namespace: http://oval.mitre.org/XMLSchema/oval
Containing Schema: oval-schema.xsd
Abstract
Documentation:
Tests under the configuration section describe conditions that violate a secure baseline or recommendation. For example, if a vulnerable Microsoft Windows .dll file is part of a specific service, then a machine might only be exploitable if that service is actually running. Even though the vulnerable file exists on the disk, the vulnerability can be mitigated by disabling the service. The test determining if the service is running would be under the configuration section. The optional operation attribute determines how to handle multiple criterion elements. Possible values are: AND, OR, XOR. A value of AND means that each criterion must be true for the configuration section to return true. A value of OR means that only one criterion must be true for the configuration section to return turn. XOR is defined to be true if an odd number of criterion are true, and false otherwise.
Collapse XSD Schema Diagram:
Drilldown into criterion in schema oval-schema_xsd Drilldown into operation in schema oval-schema_xsdXSD Diagram of configuration in schema oval-schema_xsd (Open Vulnerability and Assessment Language (OVAL®))
Collapse XSD Schema Code: 
<xsd:element name="configuration">
    <xsd:annotation>
        <xsd:documentation>Tests under the configuration section describe conditions that violate a secure baseline or recommendation.  For example, if a vulnerable Microsoft Windows .dll file is part of a specific service, then a machine might only be exploitable if that service is actually running.  Even though the vulnerable file exists on the disk, the vulnerability can be mitigated by disabling the service.  The test determining if the service is running would be under the configuration section.  The optional operation attribute determines how to handle multiple criterion elements.  Possible values are: AND, OR, XOR.  A value of AND means that each criterion must be true for the configuration section to return true.  A value of OR means that only one criterion must be true for the configuration section to return turn.  XOR is defined to be true if an odd number of criterion are true, and false otherwise.</xsd:documentation>
        <xsd:appinfo>
            <cardinality>0-1</cardinality>
            <attributes>[operation]</attributes>
            <content>none</content>
            <parent_elements>criteria</parent_elements>
            <child_elements>criterion</child_elements>
        </xsd:appinfo>
    </xsd:annotation>
    <xsd:complexType>
        <xsd:sequence>
            <xsd:element ref="oval:criterion" minOccurs="1" maxOccurs="unbounded" />
        </xsd:sequence>
        <xsd:attribute name="operation" type="oval:operations" use="optional" default="AND" />
    </xsd:complexType>
</xsd:element>
Collapse Child Elements:
Name Type Min Occurs Max Occurs
criterion oval:criterion 1 unbounded
Collapse Child Attributes:
Name Type Default Value Use
operation oval:operation AND Optional
Documentation for Open Vulnerability and Assessment Language (OVAL®)

Generated using Liquid Studio - Developer Bundle 21.0.0.0