cvss 0.50.0 → 0.99.0
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/cvss.rb +42 -0
- data/lib/cvss/version.rb +1 -1
- data/spec/cvss_spec.rb +7 -0
- metadata +4 -4
data/lib/cvss.rb
CHANGED
|
@@ -7,5 +7,47 @@ module Cvss
|
|
|
7
7
|
include Cvss::Parser
|
|
8
8
|
include Cvss::Helpers
|
|
9
9
|
|
|
10
|
+
def score(vector)
|
|
11
|
+
# AV
|
|
12
|
+
# L = 0.395
|
|
13
|
+
# A = 0.646
|
|
14
|
+
# N = 1
|
|
15
|
+
# AC
|
|
16
|
+
# H = 0.35
|
|
17
|
+
# M = 0.61
|
|
18
|
+
# L = 0.71
|
|
19
|
+
# AU
|
|
20
|
+
# M = 0.45
|
|
21
|
+
# S = 0.56
|
|
22
|
+
# N = 0.704
|
|
23
|
+
# C
|
|
24
|
+
# N = 0
|
|
25
|
+
# P = 0.275
|
|
26
|
+
# C = 0.660
|
|
27
|
+
# I
|
|
28
|
+
# N = 0
|
|
29
|
+
# P = 0.275
|
|
30
|
+
# C = 0.660
|
|
31
|
+
# A
|
|
32
|
+
# N = 0
|
|
33
|
+
# P = 0.275
|
|
34
|
+
# C = 0.660
|
|
35
|
+
return -1 unless parse(vector)
|
|
36
|
+
av = {:L => 0.395, :A=> 0.646, :N=>1}
|
|
37
|
+
ac = {:H => 0.35, :M=>0.61, :L=>0.71}
|
|
38
|
+
au = {:M=>0.45, :S=>0.56, :N=>0.704 }
|
|
39
|
+
|
|
40
|
+
exploitability = 20 * av[@base[:av].to_sym] * ac[@base[:ac].to_sym] * au[@base[:au].to_sym]
|
|
41
|
+
c = {:N=>0, :P=>0.275, :C=>0.660}
|
|
42
|
+
i = {:N=>0, :P=>0.275, :C=>0.660}
|
|
43
|
+
a = {:N=>0, :P=>0.275, :C=>0.660}
|
|
44
|
+
|
|
45
|
+
impact = 10.41 * (1 - (1-c[@base[:c].to_sym]) * (1-i[@base[:i].to_sym]) * (1-a[@base[:a].to_sym]))
|
|
46
|
+
f = 0
|
|
47
|
+
f = 1.176 unless impact == 0
|
|
48
|
+
|
|
49
|
+
(((0.6 * impact) + (0.4*exploitability) - 1.5) * f).round(1)
|
|
50
|
+
|
|
51
|
+
end
|
|
10
52
|
end
|
|
11
53
|
end
|
data/lib/cvss/version.rb
CHANGED
data/spec/cvss_spec.rb
CHANGED
|
@@ -42,6 +42,7 @@ describe "CVSS library" do
|
|
|
42
42
|
cvss.base[:a].should == "C"
|
|
43
43
|
end
|
|
44
44
|
end
|
|
45
|
+
|
|
45
46
|
describe "helper" do
|
|
46
47
|
it "should have a data integrity helper" do
|
|
47
48
|
cvss.should respond_to(:data_integrity)
|
|
@@ -65,7 +66,13 @@ describe "CVSS library" do
|
|
|
65
66
|
cvss.parse("AV:N/AC:L/Au:N/C:N/I:N/A:C")
|
|
66
67
|
cvss.data_availability.should == "C"
|
|
67
68
|
end
|
|
69
|
+
end
|
|
68
70
|
|
|
71
|
+
it "has a score method" do
|
|
72
|
+
cvss.should respond_to(:score)
|
|
73
|
+
end
|
|
69
74
|
|
|
75
|
+
it "should calculate the CVSS score" do
|
|
76
|
+
cvss.score("AV:N/AC:L/Au:N/C:P/I:P/A:P").should == 7.5
|
|
70
77
|
end
|
|
71
78
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cvss
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.99.0
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2013-04-22 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rake
|
|
@@ -80,7 +80,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
80
80
|
version: '0'
|
|
81
81
|
segments:
|
|
82
82
|
- 0
|
|
83
|
-
hash: -
|
|
83
|
+
hash: -363553548930148227
|
|
84
84
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
85
85
|
none: false
|
|
86
86
|
requirements:
|
|
@@ -89,7 +89,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
89
89
|
version: '0'
|
|
90
90
|
segments:
|
|
91
91
|
- 0
|
|
92
|
-
hash: -
|
|
92
|
+
hash: -363553548930148227
|
|
93
93
|
requirements: []
|
|
94
94
|
rubyforge_project:
|
|
95
95
|
rubygems_version: 1.8.24
|