Class: Cvss3::Rating

Inherits:
Object
  • Object
show all
Includes:
Cvss3Vectors
Defined in:
lib/cvss3_rating.rb

Constant Summary

Constants included from Cvss3Vectors

Cvss3Vectors::VECTORS

Instance Attribute Summary collapse

Attributes included from Cvss3Vectors

#ac, #ai, #ar, #av, #ci, #cr, #ex, #ii, #ir, #pr, #rc, #rl, #sc, #ui

Instance Method Summary collapse

Methods included from Cvss3Vectors

#cvss3=, #get_key, #init, #key, #ma, #ma=, #mac, #mac=, #mav, #mav=, #mc, #mc=, #mi, #mi=, #mpr, #mpr=, #ms, #ms=, #mui, #mui=, #parse, #set_key

Constructor Details

#initialize(attributes = {}) ⇒ Rating

Initialize the object, creates a clean initialized Cvss3::Rating object



21
22
23
24
25
26
27
 
# File 'lib/cvss3_rating.rb', line 21

def initialize(attributes = {})
init

    attributes.each do |name, value|
        send("#{name}=", value)
    end
end

Instance Attribute Details

#baseObject

Returns the value of attribute base.



11
12
13
 
# File 'lib/cvss3_rating.rb', line 11

def base
  @base
end

#environmentalObject

Returns the value of attribute environmental.



11
12
13
 
# File 'lib/cvss3_rating.rb', line 11

def environmental
  @environmental
end

#exploitabilityObject

Returns the value of attribute exploitability.



11
12
13
 
# File 'lib/cvss3_rating.rb', line 11

def exploitability
  @exploitability
end

#impactObject

Returns the value of attribute impact.



11
12
13
 
# File 'lib/cvss3_rating.rb', line 11

def impact
  @impact
end

#temporalObject

Returns the value of attribute temporal.



11
12
13
 
# File 'lib/cvss3_rating.rb', line 11

def temporal
  @temporal
end

Instance Method Details

#cvss_base_scoreArray

Calculate the CVSS 3.0 Base Score



59
60
61
62
63
64
65
66
67
68
69
70
71
 
# File 'lib/cvss3_rating.rb', line 59

def cvss_base_score
byebug if @pr.nil?

  @exploitability = ::Cvss3::Formulas.new.exploitability_sub_score(@av, @ac, @pr, @ui)

@impact = ::Cvss3::Formulas.new.impact_sub_score_base(@ai, @ci, @ii)

@base = ::Cvss3::Formulas.new.cvss_base_formula(@impact, @sc, @exploitability)

@base_level = risk_score(@base)

return @base, @base_level
end

#cvss_environmental_scoreArray

Calculate the CVSS 3.0 Temporal Score



93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
 
# File 'lib/cvss3_rating.rb', line 93

def cvss_environmental_score
  exploitability_sub_score_value_modified = ::Cvss3::Formulas.new.exploitability_sub_score_modified(self.mav(true),
    self.mac(true), self.mpr(true), self.mui(true))

  impact_sub_score_value_modified = ::Cvss3::Formulas.new.impact_sub_score_modified_base(self.ma(true), self.mc(true),
    self.mi(true), @cr, @ir, @ar)

  @environmental = ::Cvss3::Formulas.new.cvss_environmental_formula(impact_sub_score_value_modified,
    exploitability_sub_score_value_modified,
    @ex, @rl, @rc, self.ms(true))

  @environmental_level = risk_score(@environmental)

  return @environmental, @environmental_level
end

#cvss_temporal_scoreArray

Calculate the CVSS 3.0 Temporal Score



79
80
81
82
83
84
85
 
# File 'lib/cvss3_rating.rb', line 79

def cvss_temporal_score
  @temporal = ::Cvss3::Formulas.new.cvss_temporal_formula(@base, @ex, @rl, @rc)

  @temporal_level = risk_score(@temporal)

  return @temporal, @temporal_level
end

#risk_score(score) ⇒ String

Takes score and determines risk level from None to Critical



36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
 
# File 'lib/cvss3_rating.rb', line 36

def risk_score(score)
  risk_score = case score
    when 0.0
      "None"
    when 0.1..3.9
      "Low"
    when 4.0..6.9
      "Medium"
    when 7.0..8.9
      "High"
    when 9.0..10.0
      "Critical"
    else
      nil
    end
end