def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.is_known = obj.get_is_known()
return_obj.is_publicly_acknowledged = obj.get_is_publicly_acknowledged(
)
return_obj.title = obj.get_Title()
return_obj.description = StructuredText.from_obj(obj.get_Description())
return_obj.short_description = StructuredText.from_obj(
obj.get_Short_Description())
return_obj.cve_id = obj.get_CVE_ID()
return_obj.osvdb_id = obj.get_OSVDB_ID()
return_obj.source = obj.get_Source()
return_obj.cvss_score = CVSSVector.from_obj(obj.get_CVSS_Score())
return_obj.discovered_datetime = DateTimeWithPrecision.from_obj(
obj.get_Discovered_DateTime())
return_obj.published_datetime = DateTimeWithPrecision.from_obj(
obj.get_Published_DateTime())
return_obj.affected_software = AffectedSoftware.from_obj(
obj.get_Affected_Software())
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.is_known = utils.xml_bool(obj.is_known)
return_obj.is_publicly_acknowledged = utils.xml_bool(
obj.is_publicly_acknowledged)
return_obj.title = obj.Title
return_obj.description = StructuredText.from_obj(obj.Description)
return_obj.short_description = StructuredText.from_obj(
obj.Short_Description)
return_obj.cve_id = obj.CVE_ID
return_obj.osvdb_id = obj.OSVDB_ID
return_obj.source = obj.Source
return_obj.cvss_score = CVSSVector.from_obj(obj.CVSS_Score)
return_obj.discovered_datetime = DateTimeWithPrecision.from_obj(
obj.Discovered_DateTime)
return_obj.published_datetime = DateTimeWithPrecision.from_obj(
obj.Published_DateTime)
return_obj.affected_software = AffectedSoftware.from_obj(
obj.Affected_Software)
if obj.References:
return_obj.references = obj.References.Reference
return return_obj
def from_dict(cls, dict_repr, return_obj=None):
if not dict_repr:
return None
if not return_obj:
return_obj = cls()
return_obj.is_known = dict_repr.get('is_known')
return_obj.is_publicly_acknowledged = dict_repr.get(
'is_publicly_acknowledged')
return_obj.title = dict_repr.get('title')
return_obj.description = StructuredText.from_dict(
dict_repr.get('description'))
return_obj.short_description = StructuredText.from_dict(
dict_repr.get('short_description'))
return_obj.cve_id = dict_repr.get('cve_id')
return_obj.osvdb_id = dict_repr.get('osvdb_id')
return_obj.source = dict_repr.get('source')
return_obj.cvss_score = CVSSVector.from_dict(
dict_repr.get('cvss_score'))
return_obj.discovered_datetime = DateTimeWithPrecision.from_dict(
dict_repr.get('discovered_datetime'))
return_obj.published_datetime = DateTimeWithPrecision.from_dict(
dict_repr.get('published_datetime'))
return_obj.affected_software = AffectedSoftware.from_dict(
dict_repr.get('affected_software'))
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.start = DateTimeWithPrecision.from_obj(obj.Start)
return_obj.end = DateTimeWithPrecision.from_obj(obj.End)
return return_obj
def from_dict(cls, d, return_obj=None):
if not d:
return None
if not return_obj:
return_obj = cls()
return_obj.start = DateTimeWithPrecision.from_dict(d.get('start'))
return_obj.end = DateTimeWithPrecision.from_dict(d.get('end'))
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.start = DateTimeWithPrecision.from_obj(obj.get_Start())
return_obj.end = DateTimeWithPrecision.from_obj(obj.get_End())
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if return_obj is None:
return_obj = cls()
return_obj.start_time = DateTimeWithPrecision.from_obj(obj.Start_Time)
return_obj.end_time = DateTimeWithPrecision.from_obj(obj.End_Time)
return return_obj
def from_dict(cls, d, return_obj=None):
if not d:
return None
if not return_obj:
return_obj = cls()
return_obj.start = DateTimeWithPrecision.from_dict(d.get('start'))
return_obj.end = DateTimeWithPrecision.from_dict(d.get('end'))
return return_obj
def from_dict(cls, d, return_obj=None):
if not d:
return None
if return_obj is None:
return_obj = cls()
return_obj.start_time = DateTimeWithPrecision.from_dict(d.get('start_time'))
return_obj.end_time = DateTimeWithPrecision.from_dict(d.get('end_time'))
return return_obj
def from_dict(cls, dict_repr, return_obj=None):
if not dict_repr:
return None
if not return_obj:
return_obj = cls()
return_obj.first_malicious_action = DateTimeWithPrecision.from_dict(
dict_repr.get('first_malicious_action'))
return_obj.initial_compromise = DateTimeWithPrecision.from_dict(
dict_repr.get('initial_compromise'))
return_obj.first_data_exfiltration = DateTimeWithPrecision.from_dict(
dict_repr.get('first_data_exfiltration'))
return_obj.incident_discovery = DateTimeWithPrecision.from_dict(
dict_repr.get('incident_discovery'))
return_obj.incident_opened = DateTimeWithPrecision.from_dict(
dict_repr.get('incident_opened'))
return_obj.containment_achieved = DateTimeWithPrecision.from_dict(
dict_repr.get('containment_achieved'))
return_obj.restoration_achieved = DateTimeWithPrecision.from_dict(
dict_repr.get('restoration_achieved'))
return_obj.incident_reported = DateTimeWithPrecision.from_dict(
dict_repr.get('incident_reported'))
return_obj.incident_closed = DateTimeWithPrecision.from_dict(
dict_repr.get('incident_closed'))
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.first_malicious_action = DateTimeWithPrecision.from_obj(
obj.First_Malicious_Action)
return_obj.initial_compromise = DateTimeWithPrecision.from_obj(
obj.Initial_Compromise)
return_obj.first_data_exfiltration = DateTimeWithPrecision.from_obj(
obj.First_Data_Exfiltration)
return_obj.incident_discovery = DateTimeWithPrecision.from_obj(
obj.Incident_Discovery)
return_obj.incident_opened = DateTimeWithPrecision.from_obj(
obj.Incident_Opened)
return_obj.containment_achieved = DateTimeWithPrecision.from_obj(
obj.Containment_Achieved)
return_obj.restoration_achieved = DateTimeWithPrecision.from_obj(
obj.Restoration_Achieved)
return_obj.incident_reported = DateTimeWithPrecision.from_obj(
obj.Incident_Reported)
return_obj.incident_closed = DateTimeWithPrecision.from_obj(
obj.Incident_Closed)
return return_obj
def end(self, value):
if not value:
self._end = None
elif isinstance(value, DateTimeWithPrecision):
self._end = value
else:
self._end = DateTimeWithPrecision(value)
def start(self, value):
if not value:
self._start = None
elif isinstance(value, DateTimeWithPrecision):
self._start = value
else:
self._start = DateTimeWithPrecision(value)
def containment_achieved(self, value):
if value:
if isinstance(value, DateTimeWithPrecision):
self._containment_achieved = value
else:
self._containment_achieved = DateTimeWithPrecision(value=value)
else:
self._containment_achieved = None
def restoration_achieved(self, value):
if value:
if isinstance(value, DateTimeWithPrecision):
self._restoration_achieved = value
else:
self._restoration_achieved = DateTimeWithPrecision(value=value)
else:
self._restoration_achieved = None
def discovered_datetime(self, value):
if value:
if isinstance(value, DateTimeWithPrecision):
self._discovered_datetime = value
else:
self._discovered_datetime = DateTimeWithPrecision(value=value)
else:
self._discovered_datetime = None
def initial_compromise(self, value):
if value:
if isinstance(value, DateTimeWithPrecision):
self._initial_compromise = value
else:
self._initial_compromise = DateTimeWithPrecision(value=value)
else:
self._initial_compromise = None
def incident_discovery(self, value):
if value:
if isinstance(value, DateTimeWithPrecision):
self._incident_discovery = value
else:
self._incident_discovery = DateTimeWithPrecision(value=value)
else:
self._incident_discovery = None
def incident_opened(self, value):
if value:
if isinstance(value, DateTimeWithPrecision):
self._incident_opened = value
else:
self._incident_opened = DateTimeWithPrecision(value=value)
else:
self._incident_opened = None
def first_malicious_action(self, value):
if value:
if isinstance(value, DateTimeWithPrecision):
self._first_malicious_action = value
else:
self._first_malicious_action = DateTimeWithPrecision(
value=value)
else:
self._first_malicious_action = None
def first_data_exfiltration(self, value):
if value:
if isinstance(value, DateTimeWithPrecision):
self._first_data_exfiltration = value
else:
self._first_data_exfiltration = DateTimeWithPrecision(
value=value)
else:
self._first_data_exfiltration = None
def from_dict(cls, dict_repr, return_obj=None):
if not dict_repr:
return None
if not return_obj:
return_obj = cls()
return_obj.is_known = dict_repr.get('is_known')
return_obj.is_publicly_acknowledged = dict_repr.get('is_publicly_acknowledged')
return_obj.title = dict_repr.get('title')
return_obj.description = StructuredText.from_dict(dict_repr.get('description'))
return_obj.short_description = StructuredText.from_dict(dict_repr.get('short_description'))
return_obj.cve_id = dict_repr.get('cve_id')
return_obj.osvdb_id = dict_repr.get('osvdb_id')
return_obj.source = dict_repr.get('source')
return_obj.cvss_score = CVSSVector.from_dict(dict_repr.get('cvss_score'))
return_obj.discovered_datetime = DateTimeWithPrecision.from_dict(dict_repr.get('discovered_datetime'))
return_obj.published_datetime = DateTimeWithPrecision.from_dict(dict_repr.get('published_datetime'))
return_obj.affected_software = AffectedSoftware.from_dict(dict_repr.get('affected_software'))
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.is_known = obj.get_is_known()
return_obj.is_publicly_acknowledged = obj.get_is_publicly_acknowledged()
return_obj.title = obj.get_Title()
return_obj.description = StructuredText.from_obj(obj.get_Description())
return_obj.short_description = StructuredText.from_obj(obj.get_Short_Description())
return_obj.cve_id = obj.get_CVE_ID()
return_obj.osvdb_id = obj.get_OSVDB_ID()
return_obj.source = obj.get_Source()
return_obj.cvss_score = CVSSVector.from_obj(obj.get_CVSS_Score())
return_obj.discovered_datetime = DateTimeWithPrecision.from_obj(obj.get_Discovered_DateTime())
return_obj.published_datetime = DateTimeWithPrecision.from_obj(obj.get_Published_DateTime())
return_obj.affected_software = AffectedSoftware.from_obj(obj.get_Affected_Software())
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.first_malicious_action = DateTimeWithPrecision.from_obj(obj.First_Malicious_Action)
return_obj.initial_compromise = DateTimeWithPrecision.from_obj(obj.Initial_Compromise)
return_obj.first_data_exfiltration = DateTimeWithPrecision.from_obj(obj.First_Data_Exfiltration)
return_obj.incident_discovery = DateTimeWithPrecision.from_obj(obj.Incident_Discovery)
return_obj.incident_opened = DateTimeWithPrecision.from_obj(obj.Incident_Opened)
return_obj.containment_achieved = DateTimeWithPrecision.from_obj(obj.Containment_Achieved)
return_obj.restoration_achieved = DateTimeWithPrecision.from_obj(obj.Restoration_Achieved)
return_obj.incident_reported = DateTimeWithPrecision.from_obj(obj.Incident_Reported)
return_obj.incident_closed = DateTimeWithPrecision.from_obj(obj.Incident_Closed)
return return_obj
def from_dict(cls, dict_repr, return_obj=None):
if not dict_repr:
return None
if not return_obj:
return_obj = cls()
return_obj.first_malicious_action = DateTimeWithPrecision.from_dict(dict_repr.get('first_malicious_action'))
return_obj.initial_compromise = DateTimeWithPrecision.from_dict(dict_repr.get('initial_compromise'))
return_obj.first_data_exfiltration = DateTimeWithPrecision.from_dict(dict_repr.get('first_data_exfiltration'))
return_obj.incident_discovery = DateTimeWithPrecision.from_dict(dict_repr.get('incident_discovery'))
return_obj.incident_opened = DateTimeWithPrecision.from_dict(dict_repr.get('incident_opened'))
return_obj.containment_achieved = DateTimeWithPrecision.from_dict(dict_repr.get('containment_achieved'))
return_obj.restoration_achieved = DateTimeWithPrecision.from_dict(dict_repr.get('restoration_achieved'))
return_obj.incident_reported = DateTimeWithPrecision.from_dict(dict_repr.get('incident_reported'))
return_obj.incident_closed = DateTimeWithPrecision.from_dict(dict_repr.get('incident_closed'))
return return_obj
def from_dict(cls, dict_repr, return_obj=None):
if not dict_repr:
return None
if not return_obj:
return_obj = cls()
get = dict_repr.get
return_obj.is_known = utils.xml_bool(get("is_known"))
return_obj.is_publicly_acknowledged = utils.xml_bool(get("is_publicly_acknowledged"))
return_obj.title = get("title")
return_obj.descriptions = StructuredTextList.from_dict(get("description"))
return_obj.short_descriptions = StructuredTextList.from_dict(get("short_description"))
return_obj.cve_id = get("cve_id")
return_obj.osvdb_id = get("osvdb_id")
return_obj.source = get("source")
return_obj.cvss_score = CVSSVector.from_dict(get("cvss_score"))
return_obj.discovered_datetime = DateTimeWithPrecision.from_dict(get("discovered_datetime"))
return_obj.published_datetime = DateTimeWithPrecision.from_dict(get("published_datetime"))
return_obj.affected_software = AffectedSoftware.from_dict(get("affected_software"))
return_obj.references = get("references")
return return_obj
def from_obj(cls, obj, return_obj=None):
if not obj:
return None
if not return_obj:
return_obj = cls()
return_obj.is_known = utils.xml_bool(obj.is_known)
return_obj.is_publicly_acknowledged = utils.xml_bool(obj.is_publicly_acknowledged)
return_obj.title = obj.Title
return_obj.descriptions = StructuredTextList.from_obj(obj.Description)
return_obj.short_descriptions = StructuredTextList.from_obj(obj.Short_Description)
return_obj.cve_id = obj.CVE_ID
return_obj.osvdb_id = obj.OSVDB_ID
return_obj.source = obj.Source
return_obj.cvss_score = CVSSVector.from_obj(obj.CVSS_Score)
return_obj.discovered_datetime = DateTimeWithPrecision.from_obj(obj.Discovered_DateTime)
return_obj.published_datetime = DateTimeWithPrecision.from_obj(obj.Published_DateTime)
return_obj.affected_software = AffectedSoftware.from_obj(obj.Affected_Software)
if obj.References:
return_obj.references = obj.References.Reference
return return_obj
def test_shortcut_dict_representation(self):
"""If precision is the default value, to_dict should return a string"""
date_str = "2013-11-17T01:03:05"
d = DateTimeWithPrecision()
d.precision = "second"
d.value = date_str
self.assertEqual(str, type(d.to_dict()))
self.assertEqual(datetime.datetime, type(d.value))
self.assertEqual(date_str, d.to_dict())
d2 = round_trip(d, output=True)
self.assertEqual(d.to_dict(), d2.to_dict())
def convert_time_item_to_datetime(incident_time_item):
day_item = incident_time_item.get("day")
month_item = incident_time_item.get("month")
time_item = incident_time_item.get("time")
year_item = incident_time_item.get("year")
if not time_item:
time_item = "00:00:00"
precision = "day"
if not day_item:
day_item = 1
precision = "month"
if not month_item:
month_item = 1
precision = "year"
if not year_item:
error("Required 'year' item is missing in 'incident' item, skipping item")
return None
dateTime = DateTimeWithPrecision()
dateTime.precision = precision
value = convert_items_to_datetime(year_item, month_item, day_item, time_item)
if not value:
return None
dateTime.value = value
return dateTime
def discovered_datetime(self, value):
"""
Sets the time this vulnerability was discovered, represented as
class:`DateTimeWithPrecision`
Default Value: ``None``
Returns:
None
"""
if value:
if isinstance(value, DateTimeWithPrecision):
self._discovered_datetime = value
else:
self._discovered_datetime = DateTimeWithPrecision(value=value)
else:
self._discovered_datetime = None
def test_shortcut_dict_representation(self):
"""If precision is the default value, to_dict should return a string"""
date_str = "2013-11-17T01:03:05"
d = DateTimeWithPrecision()
d.precision = "second"
d.value = date_str
self.assertEqual(str, type(d.to_dict()))
self.assertEqual(datetime.datetime, type(d.value))
self.assertEqual(date_str, d.to_dict())
d2 = round_trip(d, output=True)
self.assertEqual(d.to_dict(), d2.to_dict())
def test_construction(self):
d = DateTimeWithPrecision()
d.precision = "hour"
d.value = datetime.datetime(2014, 2, 4, 8, 21, 33)
self.assertEqual(self._full_dict, d.to_dict())
def test_construction(self):
d = DateTimeWithPrecision()
d.precision = "hour"
d.value = datetime.datetime(2014, 2, 4, 8, 21, 33)
self.assertEqual(self._full_dict, d.to_dict())
def convert_value_unit_to_datetime(item, incident_date_time, fieldname):
unit_item = item.get("unit")
if unit_item == "Unknown":
warn("'%s' item contains 'Unknown'", fieldname)
return None
value_item = item.get("value")
# if no values, assume an half-way point to the next largest unit, except for years - 2 chosen somewhat arbitrarily
if not value_item:
imprecise = True
if unit_item == "Seconds":
value_item = 30
warn("'%s' item contains only 'Seconds' as unit information - assuming value is 30 seconds", fieldname)
elif unit_item == "Minutes":
value_item = 30
warn("'%s' item contains only 'Minutes' as unit information - assuming value is 30 minutes", fieldname)
elif unit_item == "Hours":
value_item = 12
warn("'%s' item contains only 'Hours' as unit information - assuming value is 12 hours", fieldname)
elif unit_item == "Days":
value_item = 3
warn("'%s' item contains only 'Days' as unit information - assuming value is 3 days", fieldname)
elif unit_item == "Weeks":
value_item = 2
warn("'%s' item contains only 'Weeks' as unit information - assuming value is 2 weeks", fieldname)
elif unit_item == "Months":
value_item = 6
warn("'%s' item contains only 'Months' as unit information - assuming value is 6 months", fieldname)
elif unit_item == "Years":
value_item = 2
warn("'%s' item contains only 'Years' as unit information - assuming value is 2 years", fieldname)
elif unit_item == "Never":
warn("'%s' item contains 'Never' as unit information - returning 0", fieldname)
return 0
elif unit_item == "NA":
warn("'%s' item contains 'NA' as unit information - returning 0", fieldname)
return 0
else:
imprecise = False
if unit_item == "Seconds":
if imprecise:
precision = "minute"
else:
precision = "second"
delta = timedelta(0, value_item)
elif unit_item == "Minutes":
if imprecise:
precision = "hour"
else:
precision = "minute"
delta = timedelta(0, 0, 0, 0, value_item)
elif unit_item == "Hours":
if imprecise:
precision = "day"
else:
precision = "hour"
delta = timedelta(0, 0, 0, 0, 0, value_item)
elif unit_item == "Days":
precision = "day"
delta = timedelta(value_item)
elif unit_item == "Weeks":
precision = "month"
delta = timedelta(0, 0, 0, 0, 0, 0, value_item)
elif unit_item == "Months":
if imprecise:
precision = "year"
else:
precision = "month"
delta = timedelta(0, 0, 0, 0, 0, 0, value_item * 4)
elif unit_item == "Years":
precision = "year"
delta = timedelta(value_item * 365)
elif unit_item == "Never":
warn("'%s' item contains 'Never' as unit information, but also a value, skipping", fieldname)
return None
elif unit_item == "NA":
warn("'%s' item contains 'NA' as unit information, but also a value, skipping", fieldname)
return None
dateTime = DateTimeWithPrecision()
dateTime.precision = precision
if fieldname == "compromise":
dateTime.value = incident_date_time.value - delta
else:
dateTime.value = incident_date_time.value + delta
return dateTime
def end_time(self, value):
if isinstance(value, DateTimeWithPrecision):
self._end_time = value
else:
self._end_time = DateTimeWithPrecision(value)
