示例#1
0
文件: utils.py 项目: kolachoor/vmc
def calculate_base_score_v3(cve: CveDocument) -> float:
    isc = impact_sub_score_v3(cve)
    exploitability = exploitability_v3(cve)

    if isc <= 0:
        return 0

    if ScopeV3(cve.scope_v3) == ScopeV3.UNCHANGED:
        base = min(isc + exploitability, 10)
    else:
        base = min(1.08 * (isc + exploitability), 10)

    return float(
        decimal.Decimal(base).quantize(decimal.Decimal('0.1'),
                                       rounding=decimal.ROUND_UP))
示例#2
0
文件: utils.py 项目: muchrons/vmc
def environmental_score_v3(cve: Cve, asset: Asset) -> float:
    isc = impact_sub_score_v3(cve, asset)
    exploitability = exploitability_v3(cve)

    if isc <= 0:
        return 0

    if ScopeV3(cve.scope_v3) == ScopeV3.UNCHANGED:
        score = isc + exploitability
    else:
        score = 1.08 * (isc + exploitability)

    return float(decimal.Decimal(min(score, 10) *
                                 exploit_code_maturity_v3() *
                                 remediation_level_v3() *
                                 report_confidence_v3())
                 .quantize(decimal.Decimal('0.1'), rounding=decimal.ROUND_UP))
示例#3
0
def calculate_environmental_score_v3(vuln) -> (float, str):
    if vuln.cve.base_score_v3:
        isc = impact_sub_score_v3(vuln.cve, vuln.asset)
        exploitability = exploitability_v3(vuln.cve)

        if isc <= 0:
            return 0

        if ScopeV3(vuln.cve.scope_v3) == ScopeV3.UNCHANGED:
            score = isc + exploitability
        else:
            score = 1.08 * (isc + exploitability)

        return float(
            decimal.Decimal(
                min(score, 10) * exploit_code_maturity_v3() *
                remediation_level_v3() * report_confidence_v3()).quantize(
                    decimal.Decimal('0.1'),
                    rounding=decimal.ROUND_UP)), cvss_vector_v3(vuln)
    return 0.0, '-'
示例#4
0
文件: utils.py 项目: muchrons/vmc
def impact_sub_score_v3(cve: Cve, asset: Asset) -> float:
    isc = impact_sub_score_base_v3(cve, asset)
    if ScopeV3(cve.scope_v3) == ScopeV3.UNCHANGED:
        return 6.42 * isc
    return 7.52 * (isc - 0.029) - 3.25 * pow(isc - 0.02, 15)
示例#5
0
文件: utils.py 项目: kolachoor/vmc
def impact_sub_score_v3(cve: CveDocument) -> float:
    isc_base = impact_sub_score_base_v3(cve)
    if ScopeV3(cve.scope_v3) == ScopeV3.UNCHANGED:
        return 6.42 * isc_base

    return 7.52 * (isc_base - 0.029) - 3.25 * pow(isc_base - 0.02, 15)