def getcve(self, cveid=None):
if cveid is not None:
e = db.getCVE(cveid, collection=self.collection)
if e is None:
return None
if "cwe" in e and self.capeclookup:
if e['cwe'].lower() != 'unknown':
e['capec'] = self.getcapec(cweid=(e['cwe'].split('-')[1]))
if "vulnerable_configuration" in e:
vulconf = []
ranking = []
for conf in e['vulnerable_configuration']:
vulconf.append({'id': conf, 'title': self.getcpe(cpeid=conf)})
if self.rankinglookup:
rank = self.getranking(cpeid=conf)
if rank and rank not in ranking:
ranking.append(rank)
e['vulnerable_configuration'] = vulconf
if self.rankinglookup and len(ranking) > 0:
e['ranking'] = ranking
if self.via4lookup:
f = self.getVIA4(cveid)
if isinstance(f, dict):
e = dict(itertools.chain(e.items(), f.items()))
if self.subscorelookup:
exploitCVSS=exploitabilityScore(e)
impactCVSS =impactScore(e)
e['exploitCVSS']=(math.ceil(exploitCVSS*10)/10) if type(exploitCVSS) is not str else exploitCVSS
e['impactCVSS']=(math.ceil(impactCVSS*10)/10) if type(impactCVSS) is not str else impactCVSS
else:
e = None
return e
def getcve(self, cveid=None):
if cveid is not None:
e = db.getCVE(cveid, collection=self.collection)
if e is None:
return None
if "cwe" in e and self.capeclookup:
if e['cwe'].lower() != 'unknown':
e['capec'] = self.getcapec(cweid=(e['cwe'].split('-')[1]))
if "vulnerable_configuration" in e:
vulconf = []
ranking = []
for conf in e['vulnerable_configuration']:
vulconf.append({'id': conf, 'title': self.getcpe(cpeid=conf)})
if self.rankinglookup:
rank = self.getranking(cpeid=conf)
if rank and rank not in ranking:
ranking.append(rank)
e['vulnerable_configuration'] = vulconf
if self.rankinglookup and len(ranking) > 0:
e['ranking'] = ranking
if self.reflookup:
f = self.getRefs(cveid=cveid)
if not isinstance(f, str):
g = dict(itertools.chain(e.items(), f.items()))
e = g
if self.subscorelookup:
exploitCVSS=exploitabilityScore(e)
impactCVSS =impactScore(e)
e['exploitCVSS']=(math.ceil(exploitCVSS*10)/10) if type(exploitCVSS) is not str else exploitCVSS
e['impactCVSS']=(math.ceil(impactCVSS*10)/10) if type(impactCVSS) is not str else impactCVSS
else:
e = None
return e
def _enhance(self, cve, via4=False, subscore=False, ranking=False, **kwargs):
if isinstance(cve, CVE): cve = [cve]
for c in cve:
# update CPE's for titles
vulns = []
for vuln in c.vulnerable_configuration:
vulns.append(DatabaseLayer().CPE.get(vuln.id))
c.vulnerable_configuration = vulns
# Extra updates
if via4:
c.via4 = DatabaseLayer().VIA4.get(c.id)
if ranking:
ranks = set()
for config in c.vulnerable_configuration:
rank = DatabaseLayer().CPE.ranking(config.id)
if rank:
rank = [hashableDict(x) for x in rank] # making the dict hashable
ranks.add(tuple(rank)) # tuple cuz lists are not hahsable
c.ranking = ranks
if subscore:
exploitCVSS=exploitabilityScore(cve)
impactCVSS =impactScore(cve)
cve.access.cvss =(math.ceil(exploitCVSS*10)/10) if type(exploitCVSS) is not str else exploitCVSS
cve.impact.cvss =(math.ceil(impactCVSS *10)/10) if type(impactCVSS) is not str else impactCVSS