def getLastTeamVulns(cur, team, limit): return cvedb.getVulns(getCPENames(team), limit)
def getStatistics(cur, team):
today=date.today()
start=date(today.year, today.month,1)
if today.month < 12: end=date(today.year, today.month+1,1)
else: end=date(today.year+1, 1, 1)
systems=[]
for x in getGroupVulns(team):
new=0
closed=0
oac=0
tickets=[]
for cpe in [y["cpe"] for y in x["components"]]:
tickets.extend([getTicket(cve, cpe, x["groupName"], team) for cve in [x["id"] for x in cvedb.getVulns([cpe], 0)]])
for ticket in tickets:
opened=False
for action in ticket.history:
aDate=date(action["time"].year, action["time"].month, action["time"].day)
if "status" in action and aDate >= start and aDate < end:
if action["status"] == _DEFAULT_STATUS_TEXT:
new+=1
opened=True
elif action["status"].lower().startswith("closed"):
if opened:
oac+=1
new-=1
else:
closed+=1
systems.append({"systems":x["groupName"], "new": new, "closed": closed, "openedAndClosed":oac})
return systems
def getVulnsForSystem(cur, groupName, systemTeam, cpes=None):
if type(cpes) is not list and cpes:cpes=[cpes]
if not cpes:
cur.execute("""SELECT name FROM Components WHERE id IN (
SELECT component_id FROM Components_in_System_Group WHERE system_group_id IN (
SELECT id FROM System_Groups WHERE name = %s AND team_id IN (
SELECT id FROM Teams WHERE name = %s )));""",(groupName, systemTeam))
cpes=[x[0] for x in cur.fetchall()]
# Get tickets for every cve for the vulnerable systems
tickets=[]
for cpe in cpes:
tickets.extend([getTicket(cve, cpe, groupName, systemTeam) for cve in [x["id"] for x in cvedb.getVulns([cpe], 0)]])
tickets=[x for x in tickets if not x.status.lower().startswith("closed")]
return tickets
