CVSS操作库,方便计算分数。
pycvss的Python项目详细描述
根据通用漏洞评分系统轻松操作和计算分数
功能
- 计算基础、时间和环境分数
- 从短矢量转换为短矢量(“av:n/a c:l/au:n/c:c/i:c/a:c”)
- 100%测试覆盖率
- 纯Python
用法
c=Cvss()# Build from enums:c.set(AV.network)c.set(E.functional)c.set(CDP.low)# Or from a vector:c=Cvss.from_vector("AV:N/CDP:L/E:F")# Get scores.c.to_vector())# "AV:N/CDP:L/E:F"c.base_score# 7.8c.temporal_score# 6.4c.environmental_score# 9.2
或来自真正的CVE(2002年3月92日)
c=Cvss.from_vector("AV:N/AC:L/Au:N/C:N/I:N/A:C")# tempc.set(E.functional)c.set(RL.official_fix)c.set(RC.confirmed)# envc.set(CDP.high)c.set(TD.high)c.set(CR.medium)c.set(IR.medium)c.set(AR.high)print(c)A:C/AC:L/AR:H/AV:N/Au:N/C:N/CDP:H/CR:M/E:F/I:N/IR:M/RC:C/RL:OF/TD:Hbasescore7.8accessvector1.0accesscomplexity0.71authentication0.704confidentialityimpact0.0integrityimpact0.0availabilityimpact0.66temporalscore6.4exploitability0.95remediationlevel0.87reportconfidence1.0environmentalscore9.2collateraldamagepotential0.5targetdistribution1.0confidentialityrequirement1.0integrityrequirement1.0availabilityrequirement1.51