[INTERIM BRANCH] Admin Portal Expansion (#469)

* Admin Portal Expansion

Add:
Server Security Misconfiguration - Exposed Portal - Protected - P5
Server Security Misconfiguration - Exposed Portal - Admin Portal - P1
Server Security Misconfiguration - Exposed Portal - Non-Admin Portal - P3

Remove:
Server Security Misconfiguration - Exposed Admin Portal - To Internet - P3

* Indicators of Attack

Adding Indicators of Attack based on this: #466 issue.

* Revert "Indicators of Attack"

This reverts commit 3e0c017.

Author: TimmyBugcrowd

mappings/cvss_v3/cvss_v3.json

@@ -1105,6 +1105,23 @@
             }
           ]
         },
+        {
+          "id": "exposed_portal",
+          "children": [
+            {
+              "id": "protected",
+              "cvss_v3": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N"
+            },
+            {
+              "id": "admin_portal",
+              "cvss_v3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+            },
+            {
+              "id": "non_admin_portal",
+              "cvss_v3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+            }
+          ]
+        },        
         {
           "id": "clickjacking",
           "children": [

mappings/remediation_advice/remediation_advice.json

@@ -1418,14 +1418,12 @@
           ]
         },
         {
-          "id": "exposed_admin_portal",
-          "children": [
-            {
-              "id": "to_internet",
-              "remediation_advice": "As a best practice, consider restricting admin portal access to internal users only."
-            }
+          "id": "exposed_portal",
+          "remediation_advice": "Implement network-level access controls and authentication gateways to prevent unauthorized access to exposed portals, regardless of privilege level.",
+          "references": [
+            "https://nordlayer.com/learn/access-control/best-practices-and-implementation/"
           ]
-        },
+        },        
         {
           "id": "fingerprinting_banner_disclosure",
           "remediation_advice": "As a best practice, do not expose the specific software version."

vulnerability-rating-taxonomy.json

@@ -2479,15 +2479,27 @@
           "priority": 5
         },
         {
-          "id": "exposed_admin_portal",
-          "name": "Exposed Admin Portal",
+          "id": "exposed_portal",
+          "name": "Exposed Portal",
           "type": "subcategory",
           "children": [
             {
-              "id": "to_internet",
-              "name": "To Internet",
+              "id": "protected",
+              "name": "Protected",
               "type": "variant",
               "priority": 5
+            },
+            {
+              "id": "admin_portal",
+              "name": "Admin Portal",
+              "type": "variant",
+              "priority": 1
+            },
+            {
+              "id": "non_admin_portal",
+              "name": "Non-Admin Portal",
+              "type": "variant",
+              "priority": 3
             }
           ]
         },