Public/Get-CVSSScore.ps1
|
<#
.SYNOPSIS Returns a CVSS Score from a returned vector string .DESCRIPTION Returns the Base, Temporal, Environmental and CVSS Score based on a provided Vector String. PSCVSS is based on CVSS 3.0 standard .PARAMETER VectorString A provided CVSS Vector String .EXAMPLE Simple Example When you provide a Vector String it will determine if the values are correct and expected Get-CVSSScore -VectorString 'CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/RL:W/MPR:N' .EXAMPLE Bad Input Example If you provide values in your Vector string that are not known or valid, this function will ignore them Get-CVSSScore -VectorString 'CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/RL:W/MPR:N/X:Y/ZZZZ:blah' .INPUTS System.String. You can pipe a VectorString into this function. .OUTPUTS PSCVSS.Vector.Score. A Custom PS Object containing Base, Temporal, Environmental, and CVSS Scores #> function Get-CVSSScore { [CmdletBinding(DefaultParameterSetName='Vector', PositionalBinding=$false, HelpUri = 'http://www.microsoft.com/', ConfirmImpact='Medium')] Param ( # A Vector string formatted based on the CVSS standard [Parameter(Mandatory=$true, Position=0, ValueFromPipelineByPropertyName=$true, ParameterSetName='Vector')] [Alias("vector", "string")] $VectorString ) begin{ try{ $cvssData = Get-CVSSData } catch{ Write-Error -ErrorRecord $Error[0] -RecommendedAction 'Unable to load localized CVSS Data!' exit } try{ $baseScore = [BaseScore]::new() $temporalScore = [TemporalScore]::new() $environmentalScore = [EnvironmentalScore]::new() } catch{ Write-Error -ErrorRecord $Error[0] -RecommendedAction 'Unable to create BaseScore object!' exit } } process { foreach ($vector in $VectorString.split('/')){ if ($vector -notmatch 'CVSS'){ if ($cvssData.Contains($vector.split(':')[0])){ if ($cvssData.$($vector.split(':')[0]).Contains($vector.split(':')[1])){ Write-Debug "Vector $($vector.split(':')[0]) has a score of $($cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]))" switch ($vector.split(':')[0]) { 'AV' { $baseScore.AttackVector = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'AC' { $baseScore.AttackComplexity = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'PR' { $baseScore.PrivilegeRequired = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'UI' { $baseScore.UserInteraction = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'S' { $baseScore.Scope =$cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'C' { $baseScore.Confidentiality = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'I' { $baseScore.Integrity = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'A' { $baseScore.Availability = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'E' { $temporalScore.ExploitCodeMaturity = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'RL' { $temporalScore.RemediationLevel = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'RC' { $temporalScore.ReportConfidence = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'CR' { $environmentalScore.ConfidentialityRequirement = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'IR' { $environmentalScore.IntegrityRequirement = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'AR' { $environmentalScore.AvailabilityRequirement = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'MAV' { $environmentalScore.ModifiedAttackVector = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'MAC' { $environmentalScore.ModifiedAttackComplexity = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'MPR' { $environmentalScore.ModifiedPrivilegesRequired = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'MUI' { $environmentalScore.ModifiedUserInteraction = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'MS' { $environmentalScore.ModifiedScope = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'MC' { $environmentalScore.ModifiedConfidentiality = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'MI' { $environmentalScore.ModifiedIntegrity = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } 'MA' { $environmentalScore.ModifiedAvailability = $cvssData.$($vector.split(':')[0]).$($vector.split(':')[1]) } } } } else{ Write-Verbose -Message "Unable to find $($vector.split(':')[0]) in Vector list" } } } } end { $baseScore.CalculateScore() $temporalScore.CalculateTemporalScore($baseScore.GetBaseScore()) $environmentalScore.CalculateScore($temporalScore.ExploitCodeMaturity, $temporalScore.RemediationLevel, $temporalScore.ReportConfidence) $cvssScoreObject = [PSCustomObject]@{ 'Base Score' = $baseScore.GetBaseScore() 'Temporal Score' = $temporalScore.GetTemporalScore() 'Environmental Score' = $environmentalScore.GetModifiedBaseSubScore() 'CVSS Score' = $environmentalScore.GetCVSSScore() } Add-ObjectDetail -InputObject $cvssScoreObject -TypeName 'PSCVSS.Vector.Score' } } |