def _create_nessus_cve(self, item): cve = CveDocument() cve.id = 'NESSUS-{}'.format(item.get('pluginID')) base_score_v2 = get_value(item.find('cvss_base_score')) if base_score_v2: cve.base_score_v2 = float(base_score_v2) base_score_v3 = get_value(item.find('cvss3_base_score')) if base_score_v3: cve.base_score_v3 = float(base_score_v3) cve = self._create_nessus_cve_cvss3_vector(item, cve) cve = self._create_nessus_cve_cvss_vector(item, cve) return cve
def get_cve(cve_id, oid, tags): if cve_id == 'NOCVE': cve_id = F'NOCVE-{oid}' cve = CveDocument.get_or_create(cve_id=cve_id) vector = tags['cvss_base_vector'] vector = dict(x.split(':') for x in vector.split('/')) new_cve = CveDocument(id=cve_id) new_cve.access_vector_v2 = metrics.AccessVectorV2(vector['AV']) new_cve.access_complexity_v2 = metrics.AccessComplexityV2(vector['AC']) new_cve.authentication_v2 = metrics.AuthenticationV2(vector['Au']) new_cve.confidentiality_impact_v2 = metrics.ImpactV2(vector['C']) new_cve.integrity_impact_v2 = metrics.ImpactV2(vector['I']) new_cve.availability_impact_v2 = metrics.ImpactV2(vector['A']) new_cve.base_score_v2 = calculate_base_score_v2(new_cve) if cve.has_changed(new_cve): return cve.update(new_cve, refresh=True) return cve return CveDocument.get_or_create(cve_id=cve_id)