vulnerability

package
v0.6.11 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 30, 2022 License: BSD-3-Clause, GPL-3.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

// ThresholdNVD is the threshold for values that will be returned from a query.
//
// NOTE(review): presumably this is a cutoff on the match score of the
// vulnerability index search; confirm against VulnerabilitiesLookup. The value
// is fixed at compile time, so the balance between missed matches and false
// matches cannot be tuned per deployment.
const ThresholdNVD = 1.5

Variables

// Decoder is the decoder for protocol analysis and writing audit records to
// disk. It is registered under the Type_NC_Vulnerability record type.
var Decoder = &decoder.AbstractDecoder{
	Type:        types.Type_NC_Vulnerability,
	Name:        "Vulnerability",
	Description: "A vulnerability associated with a software product observed on the network",
	// PostInit creates the package logger from the decoder configuration and
	// reports any initialization error to the caller.
	PostInit: func(_ *decoder.AbstractDecoder) error {
		var initErr error

		// NOTE(review): the second result of InitZapLogger is discarded. If it
		// is a handle that must be closed, nothing here releases it; confirm.
		vulnLog, _, initErr = logging.InitZapLogger(
			decoderconfig.Instance.Out,
			"vulnerability",
			decoderconfig.Instance.Debug,
		)

		return initErr
	},
	// DeInit flushes the package logger.
	//
	// NOTE(review): Sync is called unconditionally. If PostInit failed or never
	// ran, vulnLog may be unset; confirm that this call is safe in that case.
	DeInit: func(_ *decoder.AbstractDecoder) error {
		return vulnLog.Sync()
	},
}

Decoder for protocol analysis and writing audit records to disk.

Functions

func VulnerabilitiesLookup

func VulnerabilitiesLookup(software *types.Software)

VulnerabilitiesLookup searches for known vulnerabilities in the indexed bleve database. TODO: make the threshold configurable on the command line; add a caching layer to avoid repeating matching operations.

Types

type NVDVulnerabilityItems

// NVDVulnerabilityItems represents the structure of an NVD vulnerability json file.
//
// The top-level fields carry feed metadata and CVEItems holds one entry per
// CVE. Every field is a plain string, bool, float64 or slice decoded through
// its json tag; the type declares no validation. Free-text and URL fields
// (descriptions, references) hold whatever the file contained, so the feed
// should come from a trusted source and the values should be escaped before
// display.
type NVDVulnerabilityItems struct {
	CVEDataType         string `json:"CVE_data_type"`
	CVEDataFormat       string `json:"CVE_data_format"`
	CVEDataVersion      string `json:"CVE_data_version"`
	// The CVE count and the timestamp are kept as strings, not parsed values.
	CVEDataNumberOfCVEs string `json:"CVE_data_numberOfCVEs"`
	CVEDataTimestamp    string `json:"CVE_data_timestamp"`
	CVEItems            []struct {
		// Cve holds the identifier, problem type, references and description.
		Cve struct {
			DataType    string `json:"data_type"`
			DataFormat  string `json:"data_format"`
			DataVersion string `json:"data_version"`
			CVEDataMeta struct {
				ID       string `json:"ID"`
				ASSIGNER string `json:"ASSIGNER"`
			} `json:"CVE_data_meta"`
			Problemtype struct {
				ProblemtypeData []struct {
					Description []struct {
						Lang  string `json:"lang"`
						Value string `json:"value"`
					} `json:"description"`
				} `json:"problemtype_data"`
			} `json:"problemtype"`
			References struct {
				ReferenceData []struct {
					URL       string   `json:"url"`
					Name      string   `json:"name"`
					Refsource string   `json:"refsource"`
					Tags      []string `json:"tags"`
				} `json:"reference_data"`
			} `json:"references"`
			Description struct {
				DescriptionData []struct {
					Lang  string `json:"lang"`
					Value string `json:"value"`
				} `json:"description_data"`
			} `json:"description"`
		} `json:"cve"`
		// Configurations lists the CPE match expressions for the CVE.
		Configurations struct {
			CVEDataVersion string `json:"CVE_data_version"`
			Nodes          []struct {
				Operator string `json:"operator"`
				// Only two version bounds are declared: versionEndExcluding and
				// versionStartIncluding. Only the latter carries omitempty,
				// which matters when marshalling.
				// NOTE(review): the NVD feed schema is believed to also define
				// versionEndIncluding and versionStartExcluding, and nested
				// child nodes. Those keys would be dropped on decode, leaving
				// such entries with no range information here. Confirm against
				// the feed version in use before relying on this struct for
				// version-range matching.
				CpeMatch []struct {
					Vulnerable            bool   `json:"vulnerable"`
					Cpe23URI              string `json:"cpe23Uri"`
					VersionEndExcluding   string `json:"versionEndExcluding"`
					VersionStartIncluding string `json:"versionStartIncluding,omitempty"`
				} `json:"cpe_match"`
			} `json:"nodes"`
		} `json:"configurations"`
		// Impact carries the CVSS v3 and v2 base metrics. Either can be absent
		// from the input, in which case its fields keep their zero values
		// (score 0, empty severity), which is indistinguishable from a real
		// zero score in this struct.
		Impact struct {
			BaseMetricV3 struct {
				CvssV3 struct {
					Version               string  `json:"version"`
					VectorString          string  `json:"vectorString"`
					AttackVector          string  `json:"attackVector"`
					AttackComplexity      string  `json:"attackComplexity"`
					PrivilegesRequired    string  `json:"privilegesRequired"`
					UserInteraction       string  `json:"userInteraction"`
					Scope                 string  `json:"scope"`
					ConfidentialityImpact string  `json:"confidentialityImpact"`
					IntegrityImpact       string  `json:"integrityImpact"`
					AvailabilityImpact    string  `json:"availabilityImpact"`
					BaseScore             float64 `json:"baseScore"`
					BaseSeverity          string  `json:"baseSeverity"`
				} `json:"cvssV3"`
				ExploitabilityScore float64 `json:"exploitabilityScore"`
				ImpactScore         float64 `json:"impactScore"`
			} `json:"baseMetricV3"`
			BaseMetricV2 struct {
				CvssV2 struct {
					Version               string  `json:"version"`
					VectorString          string  `json:"vectorString"`
					AccessVector          string  `json:"accessVector"`
					AccessComplexity      string  `json:"accessComplexity"`
					Authentication        string  `json:"authentication"`
					ConfidentialityImpact string  `json:"confidentialityImpact"`
					IntegrityImpact       string  `json:"integrityImpact"`
					AvailabilityImpact    string  `json:"availabilityImpact"`
					BaseScore             float64 `json:"baseScore"`
				} `json:"cvssV2"`
				Severity                string  `json:"severity"`
				ExploitabilityScore     float64 `json:"exploitabilityScore"`
				ImpactScore             float64 `json:"impactScore"`
				AcInsufInfo             bool    `json:"acInsufInfo"`
				ObtainAllPrivilege      bool    `json:"obtainAllPrivilege"`
				ObtainUserPrivilege     bool    `json:"obtainUserPrivilege"`
				ObtainOtherPrivilege    bool    `json:"obtainOtherPrivilege"`
				UserInteractionRequired bool    `json:"userInteractionRequired"`
			} `json:"baseMetricV2"`
		} `json:"impact"`
		// Dates are kept as the strings found in the file; they are not parsed.
		PublishedDate    string `json:"publishedDate"`
		LastModifiedDate string `json:"lastModifiedDate"`
	} `json:"CVE_Items"`
}

NVDVulnerabilityItems represents the structure of an NVD vulnerability json file.
