| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 |
- import logging, sys
- import re
- import datetime
- class CVEParse:
- """
- Functions for downloading and parsing Common Vulnerability DB data.
- """
- logging.basicConfig(stream=sys.stderr, level=logging.DEBUG)
- @staticmethod
- def correctCVE(cve_id):
- cve_id_new = cve_id
- if cve_id == 2116:
- cve_id_new = 1921
- return cve_id_new
- @staticmethod
- def fetchCVE(cve_id, client):
- """
- Get details of given CVE entry from NIST DB - we use cve-search and mongodb
- """
- logging.info('Fetching CVE: ' + cve_id + '\n')
- # Make this subtitution for some reason
- cve_id = re.sub('^CAN', 'CVE', cve_id)
- cve_id = CVEParse.correctCVE(cve_id)
- ##
- ## get CVE Scores from db
- ##
- db = client.cvedb
- collection = db.cves
- cve = collection.find_one({"id": cve_id})
- if cve == '':
- logging.warning('CVE not found in mongodb')
- return cve
- # Check for error pages: referenced but unpublished CVEs :-/
- @staticmethod
- def parseCVE(cve_id, cve):
- """
- Get CVE severity rating and report date, and return
- (date base-score impact-score exploit-score)
- """
- # use worst case info as defaults
- cve_date = datetime.datetime.now()
- cve_base = 10
- cve_impact = 10
- cve_exploit = 10
- try:
- if cve == None:
- print('CVE' + str(cve_id) + ' not yet reported, getting default values')
- return (cve_date, cve_base, cve_impact, cve_exploit)
- else:
- cve_date = cve['Published']
- cve_base = cve['cvss']
- except KeyError:
- print('CVE ' + cve_id + ' not parsed correctly')
- return (cve_date, cve_base, cve_impact, cve_exploit)
|
