From 3d15eaf810bb05c605ae25317ec447d8f65bd63f Mon Sep 17 00:00:00 2001 From: ziadhany Date: Tue, 28 May 2024 18:17:23 +0300 Subject: [PATCH] Add the reference type to vulnrichment importer Fix ssvc calculator bug Add support for ref cpes & fix the tests Ignore affected packages Add SSVC calculator. Add Support for SSVC. Add vulnrichment importer. Add support to CVSSv4 Signed-off-by: ziadhany --- vulnerabilities/importers/__init__.py | 2 + vulnerabilities/importers/nvd.py | 10 + vulnerabilities/importers/vulnrichment.py | 300 +++++++++ vulnerabilities/severity_systems.py | 40 ++ .../templates/vulnerability_details.html | 111 ++-- .../vulnrichment-data1-expected.json | 48 ++ .../vulnrichment/vulnrichment-data1.json | 124 ++++ .../vulnrichment-data2-expected.json | 233 +++++++ .../vulnrichment/vulnrichment-data2.json | 606 ++++++++++++++++++ .../vulnrichment-data3-expected.json | 48 ++ .../vulnrichment/vulnrichment-data3.json | 210 ++++++ vulnerabilities/tests/test_vulnrichment.py | 69 ++ vulnerabilities/views.py | 8 +- 13 files changed, 1771 insertions(+), 38 deletions(-) create mode 100644 vulnerabilities/importers/vulnrichment.py create mode 100644 vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data1-expected.json create mode 100644 vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data1.json create mode 100644 vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data2-expected.json create mode 100644 vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data2.json create mode 100644 vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data3-expected.json create mode 100644 vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data3.json create mode 100644 vulnerabilities/tests/test_vulnrichment.py diff --git a/vulnerabilities/importers/__init__.py b/vulnerabilities/importers/__init__.py index 70b9190b1..a1475b715 100644 --- a/vulnerabilities/importers/__init__.py +++ b/vulnerabilities/importers/__init__.py @@ -38,6 +38,7 @@ from vulnerabilities.importers import suse_scores from vulnerabilities.importers import ubuntu from vulnerabilities.importers import ubuntu_usn +from vulnerabilities.importers import vulnrichment from vulnerabilities.importers import xen IMPORTERS_REGISTRY = [ @@ -73,6 +74,7 @@ ruby.RubyImporter, github_osv.GithubOSVImporter, epss.EPSSImporter, + vulnrichment.VulnrichImporter, ] IMPORTERS_REGISTRY = {x.qualified_name: x for x in IMPORTERS_REGISTRY} diff --git a/vulnerabilities/importers/nvd.py b/vulnerabilities/importers/nvd.py index f72e0fc21..1a6048dfd 100644 --- a/vulnerabilities/importers/nvd.py +++ b/vulnerabilities/importers/nvd.py @@ -163,6 +163,16 @@ def severities(self): """ severities = [] impact = self.cve_item.get("impact") or {} + base_metric_v4 = impact.get("baseMetricV4") or {} + if base_metric_v4: + cvss_v4 = base_metric_v4.get("cvssV4") or {} + vs = VulnerabilitySeverity( + system=severity_systems.CVSSV4, + value=str(cvss_v4.get("baseScore") or ""), + scoring_elements=str(cvss_v4.get("vectorString") or ""), + ) + severities.append(vs) + base_metric_v3 = impact.get("baseMetricV3") or {} if base_metric_v3: cvss_v3 = get_item(base_metric_v3, "cvssV3") diff --git a/vulnerabilities/importers/vulnrichment.py b/vulnerabilities/importers/vulnrichment.py new file mode 100644 index 000000000..15a30e01e --- /dev/null +++ b/vulnerabilities/importers/vulnrichment.py @@ -0,0 +1,300 @@ +import json +import logging +import re +from pathlib import Path +from typing import Iterable + +import dateparser + +from vulnerabilities.importer import AdvisoryData +from vulnerabilities.importer import Importer +from vulnerabilities.importer import Reference +from vulnerabilities.importer import VulnerabilitySeverity +from vulnerabilities.models import VulnerabilityReference +from vulnerabilities.severity_systems import SCORING_SYSTEMS +from vulnerabilities.utils import get_advisory_url +from vulnerabilities.utils import get_cwe_id +from vulnerabilities.utils import get_reference_id + +logger = logging.getLogger(__name__) + + +class VulnrichImporter(Importer): + spdx_license_expression = "CC0-1.0" + license_url = "https://github.com/cisagov/vulnrichment/blob/develop/LICENSE" + repo_url = "git+https://github.com/cisagov/vulnrichment.git" + importer_name = "Vulnrichment" + + def advisory_data(self) -> Iterable[AdvisoryData]: + try: + vcs_response = self.clone(repo_url=self.repo_url) + base_path = Path(vcs_response.dest_dir) + for file_path in base_path.glob(f"**/**/*.json"): + if not file_path.name.startswith("CVE-"): + continue + + with open(file_path) as f: + raw_data = json.load(f) + + advisory_url = get_advisory_url( + file=file_path, + base_path=base_path, + url="https://github.com/cisagov/vulnrichment/blob/develop/", + ) + yield parse_cve_advisory(raw_data, advisory_url) + finally: + if self.vcs_response: + self.vcs_response.delete() + + +def parse_cve_advisory(raw_data, advisory_url): + """ + Parse a vulnrichment advisory file and return an `AdvisoryData` object. + The files are in JSON format, and a JSON schema is documented at the following location: + https://github.com/CVEProject/cve-schema/blob/main/schema/CVE_Record_Format.json + """ + # Extract CVE Metadata + cve_metadata = raw_data.get("cveMetadata", {}) + cve_id = cve_metadata.get("cveId") + state = cve_metadata.get("state") + + date_published = cve_metadata.get("datePublished") + if date_published: + date_published = dateparser.parse(date_published) + + # Extract containers + containers = raw_data.get("containers", {}) + cna_data = containers.get("cna", {}) + adp_data = containers.get("adp", {}) + + # Extract descriptions + summary = "" + description_list = cna_data.get("descriptions", []) + for description_dict in description_list: + if not description_dict.get("lang") in ["en", "en-US"]: + continue + summary = description_dict.get("value") + + # Extract metrics + severities = [] + metrics = cna_data.get("metrics", []) + [ + adp_metrics for data in adp_data for adp_metrics in data.get("metrics", []) + ] + + vulnrichment_scoring_system = { + "cvssV4_0": SCORING_SYSTEMS["cvssv4"], + "cvssV3_1": SCORING_SYSTEMS["cvssv3.1"], + "cvssV3_0": SCORING_SYSTEMS["cvssv3"], + "cvssV2_0": SCORING_SYSTEMS["cvssv2"], + "other": { + "ssvc": SCORING_SYSTEMS["ssvc"], + }, # ignore kev + } + + for metric in metrics: + for metric_type, metric_value in metric.items(): + if metric_type not in vulnrichment_scoring_system: + continue + + if metric_type == "other": + other_types = metric_value.get("type") + if other_types == "ssvc": + content = metric_value.get("content", {}) + vector_string, decision = ssvc_calculator(content) + scoring_system = vulnrichment_scoring_system[metric_type][other_types] + severity = VulnerabilitySeverity( + system=scoring_system, value=decision, scoring_elements=vector_string + ) + severities.append(severity) + # ignore kev + else: + vector_string = metric_value.get("vectorString") + base_score = metric_value.get("baseScore") + scoring_system = vulnrichment_scoring_system[metric_type] + severity = VulnerabilitySeverity( + system=scoring_system, value=base_score, scoring_elements=vector_string + ) + severities.append(severity) + + # Extract references cpes and ignore affected products + cpes = set() + for affected_product in cna_data.get("affected", []): + if type(affected_product) != dict: + continue + cpes.update(affected_product.get("cpes") or []) + + references = [] + for ref in cna_data.get("references", []): + # https://github.com/CVEProject/cve-schema/blob/main/schema/tags/reference-tags.json + # We removed all unwanted reference types and set the default reference type to 'OTHER'. + ref_type = VulnerabilityReference.OTHER + vul_ref_types = { + "exploit": VulnerabilityReference.EXPLOIT, + "issue-tracking": VulnerabilityReference.BUG, + "mailing-list": VulnerabilityReference.MAILING_LIST, + "third-party-advisory": VulnerabilityReference.ADVISORY, + "vendor-advisory": VulnerabilityReference.ADVISORY, + "vdb-entry": VulnerabilityReference.ADVISORY, + } + + for tag_type in ref.get("tags", []): + if tag_type in vul_ref_types: + ref_type = vul_ref_types.get(tag_type) + + url = ref.get("url") + reference = Reference( + reference_id=get_reference_id(url), + url=url, + reference_type=ref_type, + severities=severities, + ) + + references.append(reference) + + cpes_ref = [ + Reference( + reference_id=cpe, + reference_type=VulnerabilityReference.OTHER, + url=f"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query={cpe}", + ) + for cpe in sorted(list(cpes)) + ] + references.extend(cpes_ref) + + weaknesses = set() + for problem_type in cna_data.get("problemTypes", []): + descriptions = problem_type.get("descriptions", []) + for description in descriptions: + cwe_id = description.get("cweId") + if cwe_id: + weaknesses.add(get_cwe_id(cwe_id)) + + description_text = description.get("description") + if description_text: + pattern = r"CWE-(\d+)" + match = re.search(pattern, description_text) + if match: + weaknesses.add(int(match.group(1))) + + return AdvisoryData( + aliases=[cve_id], + summary=summary, + references=references, + date_published=date_published, + weaknesses=list(weaknesses), + url=advisory_url, + ) + + +def ssvc_calculator(ssvc_data): + """ + Return the ssvc vector and the decision value + """ + options = ssvc_data.get("options", []) + timestamp = ssvc_data.get("timestamp") + + # Extract the options into a dictionary + options_dict = {k: v.lower() for option in options for k, v in option.items()} + + # We copied the table value from this link. + # https://www.cisa.gov/sites/default/files/publications/cisa-ssvc-guide%20508c.pdf + + # Determining Mission and Well-Being Impact Value + mission_well_being_table = { + # (Mission Prevalence, Public Well-being Impact) : "Mission & Well-being" + ("minimal", "minimal"): "low", + ("minimal", "material"): "medium", + ("minimal", "irreversible"): "high", + ("support", "minimal"): "medium", + ("support", "material"): "medium", + ("support", "irreversible"): "high", + ("essential", "minimal"): "high", + ("essential", "material"): "high", + ("essential", "irreversible"): "high", + } + + if "Mission Prevalence" not in options_dict: + options_dict["Mission Prevalence"] = "minimal" + + if "Public Well-being Impact" not in options_dict: + options_dict["Public Well-being Impact"] = "material" + + options_dict["Mission & Well-being"] = mission_well_being_table[ + (options_dict["Mission Prevalence"], options_dict["Public Well-being Impact"]) + ] + + decision_key = ( + options_dict.get("Exploitation"), + options_dict.get("Automatable"), + options_dict.get("Technical Impact"), + options_dict.get("Mission & Well-being"), + ) + + decision_points = { + "Exploitation": {"E": {"none": "N", "poc": "P", "active": "A"}}, + "Automatable": {"A": {"no": "N", "yes": "Y"}}, + "Technical Impact": {"T": {"partial": "P", "total": "T"}}, + "Public Well-being Impact": {"B": {"minimal": "M", "material": "A", "irreversible": "I"}}, + "Mission Prevalence": {"P": {"minimal": "M", "support": "S", "essential": "E"}}, + "Mission & Well-being": {"M": {"low": "L", "medium": "M", "high": "H"}}, + } + + # Create the SSVC vector + ssvc_vector = "SSVCv2/" + for key, value_map in options_dict.items(): + options_key = decision_points.get(key) + for lhs, rhs_map in options_key.items(): + ssvc_vector += f"{lhs}:{rhs_map.get(value_map)}/" + + # "Decision": {"D": {"Track": "T", "Track*": "R", "Attend": "A", "Act": "C"}}, + decision_values = {"Track": "T", "Track*": "R", "Attend": "A", "Act": "C"} + + decision_lookup = { + ("none", "no", "partial", "low"): "Track", + ("none", "no", "partial", "medium"): "Track", + ("none", "no", "partial", "high"): "Track", + ("none", "no", "total", "low"): "Track", + ("none", "no", "total", "medium"): "Track", + ("none", "no", "total", "high"): "Track*", + ("none", "yes", "partial", "low"): "Track", + ("none", "yes", "partial", "medium"): "Track", + ("none", "yes", "partial", "high"): "Attend", + ("none", "yes", "total", "low"): "Track", + ("none", "yes", "total", "medium"): "Track", + ("none", "yes", "total", "high"): "Attend", + ("poc", "no", "partial", "low"): "Track", + ("poc", "no", "partial", "medium"): "Track", + ("poc", "no", "partial", "high"): "Track*", + ("poc", "no", "total", "low"): "Track", + ("poc", "no", "total", "medium"): "Track*", + ("poc", "no", "total", "high"): "Attend", + ("poc", "yes", "partial", "low"): "Track", + ("poc", "yes", "partial", "medium"): "Track", + ("poc", "yes", "partial", "high"): "Attend", + ("poc", "yes", "total", "low"): "Track", + ("poc", "yes", "total", "medium"): "Track*", + ("poc", "yes", "total", "high"): "Attend", + ("active", "no", "partial", "low"): "Track", + ("active", "no", "partial", "medium"): "Track", + ("active", "no", "partial", "high"): "Attend", + ("active", "no", "total", "low"): "Track", + ("active", "no", "total", "medium"): "Attend", + ("active", "no", "total", "high"): "Act", + ("active", "yes", "partial", "low"): "Attend", + ("active", "yes", "partial", "medium"): "Attend", + ("active", "yes", "partial", "high"): "Act", + ("active", "yes", "total", "low"): "Attend", + ("active", "yes", "total", "medium"): "Act", + ("active", "yes", "total", "high"): "Act", + } + + decision = decision_lookup.get(decision_key, "") + + if decision: + ssvc_vector += f"D:{decision_values.get(decision)}/" + + if timestamp: + timestamp_formatted = dateparser.parse(timestamp).strftime("%Y-%m-%dT%H:%M:%SZ") + + ssvc_vector += f"{timestamp_formatted}/" + return ssvc_vector, decision diff --git a/vulnerabilities/severity_systems.py b/vulnerabilities/severity_systems.py index bc8d6219d..f5be70a5b 100644 --- a/vulnerabilities/severity_systems.py +++ b/vulnerabilities/severity_systems.py @@ -8,9 +8,11 @@ # import dataclasses +from datetime import datetime from cvss import CVSS2 from cvss import CVSS3 +from cvss import CVSS4 """ Vulnerability scoring systems define scales, values and approach to score a @@ -83,6 +85,22 @@ def get(self, scoring_elements: str) -> dict: return CVSS3(vector=scoring_elements).as_json() +@dataclasses.dataclass(order=True) +class Cvssv4ScoringSystem(ScoringSystem): + def compute(self, scoring_elements: str) -> str: + """ + Return a CVSSv4 base score + + >>> CVSSV4.compute('CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N') + '9.9' + """ + return str(CVSS4(vector=scoring_elements).base_score) + + def get(self, scoring_elements: str) -> dict: + scoring_elements = scoring_elements.strip() + return CVSS4(vector=scoring_elements).as_json() + + CVSSV3 = Cvssv3ScoringSystem( identifier="cvssv3", name="CVSSv3 Base Score", @@ -97,6 +115,13 @@ def get(self, scoring_elements: str) -> dict: notes="CVSSv3.1 base score and vector", ) +CVSSV4 = Cvssv4ScoringSystem( + identifier="cvssv4", + name="CVSSv4 Base Score", + url="https://www.first.org/cvss/v4-0/", + notes="CVSSv4 base score and vector", +) + REDHAT_BUGZILLA = ScoringSystem( identifier="rhbs", name="RedHat Bugzilla severity", @@ -170,12 +195,26 @@ def compute(self, scoring_elements: str): url="https://www.first.org/epss/", ) + +@dataclasses.dataclass(order=True) +class SSVCScoringSystem(ScoringSystem): + def get(self, scoring_elements: str): + return {"version": "ssvc", "vectorString": scoring_elements} + + +SSVC = SSVCScoringSystem( + identifier="ssvc", + name="Stakeholder-Specific Vulnerability Categorization", + url="https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc", +) + SCORING_SYSTEMS = { system.identifier: system for system in ( CVSSV2, CVSSV3, CVSSV31, + CVSSV4, REDHAT_BUGZILLA, REDHAT_AGGREGATE, ARCHLINUX, @@ -184,5 +223,6 @@ def compute(self, scoring_elements: str): APACHE_HTTPD, APACHE_TOMCAT, EPSS, + SSVC, ) } diff --git a/vulnerabilities/templates/vulnerability_details.html b/vulnerabilities/templates/vulnerability_details.html index 4ddbad9cd..c950adad1 100644 --- a/vulnerabilities/templates/vulnerability_details.html +++ b/vulnerabilities/templates/vulnerability_details.html @@ -347,56 +347,94 @@
{% for severity_vector in severity_vectors %} {% if severity_vector.version == '2.0' %} - Vector: {{ severity_vector.vectorString }} - - - - - - - - - - - - - - - - - - - -
Exploitability (E)Access Vector (AV)Access Complexity (AC)Authentication (Au)Confidentiality Impact (C)Integrity Impact (I)Availability Impact (A)
{{ severity_vector.exploitability|cvss_printer:"high,functional,unproven,proof_of_concept,not_defined" }}{{ severity_vector.accessVector|cvss_printer:"local,adjacent_network,network" }}{{ severity_vector.accessComplexity|cvss_printer:"high,medium,low" }}{{ severity_vector.authentication|cvss_printer:"multiple,single,none" }}{{ severity_vector.confidentialityImpact|cvss_printer:"none,partial,complete" }}{{ severity_vector.integrityImpact|cvss_printer:"none,partial,complete" }}{{ severity_vector.availabilityImpact|cvss_printer:"none,partial,complete" }}
- {% elif severity_vector.version == '3.1' or severity_vector.version == '3.0'%} Vector: {{ severity_vector.vectorString }} - - - - - + + + + - - - - - - - - + + + + + + +
Attack Vector (AV)Attack Complexity (AC)Privileges Required (PR)User Interaction (UI)Scope (S)Exploitability (E)Access Vector (AV)Access Complexity (AC)Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)
{{ severity_vector.attackVector|cvss_printer:"network,adjacent_network,local,physical"}}{{ severity_vector.attackComplexity|cvss_printer:"low,high" }}{{ severity_vector.privilegesRequired|cvss_printer:"none,low,high" }}{{ severity_vector.userInteraction|cvss_printer:"none,required"}}{{ severity_vector.scope|cvss_printer:"unchanged,changed" }}{{ severity_vector.confidentialityImpact|cvss_printer:"high,low,none" }}{{ severity_vector.integrityImpact|cvss_printer:"high,low,none" }}{{ severity_vector.availabilityImpact|cvss_printer:"high,low,none" }}{{ severity_vector.exploitability|cvss_printer:"high,functional,unproven,proof_of_concept,not_defined" }}{{ severity_vector.accessVector|cvss_printer:"local,adjacent_network,network" }}{{ severity_vector.accessComplexity|cvss_printer:"high,medium,low" }}{{ severity_vector.authentication|cvss_printer:"multiple,single,none" }}{{ severity_vector.confidentialityImpact|cvss_printer:"none,partial,complete" }}{{ severity_vector.integrityImpact|cvss_printer:"none,partial,complete" }}{{ severity_vector.availabilityImpact|cvss_printer:"none,partial,complete" }}
+ {% elif severity_vector.version == '3.1' or severity_vector.version == '3.0'%} + Vector: {{ severity_vector.vectorString }} + + + + + + + + + + + + + + + + + + + + + +
Attack Vector (AV)Attack Complexity (AC)Privileges Required (PR)User Interaction (UI)Scope (S)Confidentiality Impact (C)Integrity Impact (I)Availability Impact (A)
{{ severity_vector.attackVector|cvss_printer:"network,adjacent_network,local,physical"}}{{ severity_vector.attackComplexity|cvss_printer:"low,high" }}{{ severity_vector.privilegesRequired|cvss_printer:"none,low,high" }}{{ severity_vector.userInteraction|cvss_printer:"none,required"}}{{ severity_vector.scope|cvss_printer:"unchanged,changed" }}{{ severity_vector.confidentialityImpact|cvss_printer:"high,low,none" }}{{ severity_vector.integrityImpact|cvss_printer:"high,low,none" }}{{ severity_vector.availabilityImpact|cvss_printer:"high,low,none" }}
+ {% elif severity_vector.version == '4' %} + Vector: {{ severity_vector.vectorString }} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Attack Vector (AV)Attack Complexity (AC)Attack Requirements (AT)Privileges Required (PR)User Interaction (UI)Vulnerable System Impact Confidentiality (VC)Vulnerable System Impact Integrity (VI)Vulnerable System Impact Availability (VA)Subsequent System Impact Confidentiality (SC)Subsequent System Impact Integrity (SI)Subsequent System Impact Availability (SA)
{{ severity_vector.attackVector|cvss_printer:"network,adjacent,local,physical"}}{{ severity_vector.attackComplexity|cvss_printer:"low,high" }}{{ severity_vector.attackRequirement|cvss_printer:"none,present" }}{{ severity_vector.privilegesRequired|cvss_printer:"none,low,high" }}{{ severity_vector.userInteraction|cvss_printer:"none,passive,active"}}{{ severity_vector.vulnerableSystemImpactConfidentiality|cvss_printer:"high,low,none" }}{{ severity_vector.vulnerableSystemImpactIntegrity|cvss_printer:"high,low,none" }}{{ severity_vector.vulnerableSystemImpactAvailability|cvss_printer:"high,low,none" }}{{ severity_vector.subsequentSystemImpactConfidentiality|cvss_printer:"high,low,none" }}{{ severity_vector.subsequentSystemImpactIntegrity|cvss_printer:"high,low,none" }}{{ severity_vector.subsequentSystemImpactAvailability|cvss_printer:"high,low,none" }}
+ {% elif severity_vector.version == 'ssvc' %} +
+ Vector: {{ severity_vector.vectorString }} +
{% endif %} {% empty %} - There are no known CVSS vectors. + There are no known vectors. {% endfor %} @@ -577,7 +615,6 @@ {% endfor %}
- diff --git a/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data1-expected.json b/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data1-expected.json new file mode 100644 index 000000000..0c63d4ba0 --- /dev/null +++ b/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data1-expected.json @@ -0,0 +1,48 @@ +{ + "aliases": [ + "CVE-2024-3018" + ], + "summary": "The Essential Addons for Elementor plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.9.13 via deserialization of untrusted input from the 'error_resetpassword' attribute of the \"Login | Register Form\" widget (disabled by default). This makes it possible for authenticated attackers, with author-level access and above, to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.", + "affected_packages": [], + "references": [ + { + "reference_id": "342049e5-834e-4867-8174-01ca7bb0caa2?source=cve", + "reference_type": "other", + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/342049e5-834e-4867-8174-01ca7bb0caa2?source=cve", + "severities": [ + { + "system": "cvssv3.1", + "value": 8.8, + "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + }, + { + "system": "ssvc", + "value": "Track", + "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-01T17:33:59Z/" + } + ] + }, + { + "reference_id": "essential-addons-for-elementor-lite", + "reference_type": "other", + "url": "https://plugins.trac.wordpress.org/changeset/3060417/essential-addons-for-elementor-lite", + "severities": [ + { + "system": "cvssv3.1", + "value": 8.8, + "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + }, + { + "system": "ssvc", + "value": "Track", + "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-01T17:33:59Z/" + } + ] + } + ], + "date_published": "2024-03-30T11:17:25.675000+00:00", + "weaknesses": [ + 502 + ], + "url": "http://test.com" +} \ No newline at end of file diff --git a/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data1.json b/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data1.json new file mode 100644 index 000000000..6d38df1fc --- /dev/null +++ b/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data1.json @@ -0,0 +1,124 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2024-3018", + "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", + "state": "PUBLISHED", + "assignerShortName": "Wordfence", + "dateReserved": "2024-03-27T17:18:09.609Z", + "datePublished": "2024-03-30T11:17:25.675Z", + "dateUpdated": "2024-06-04T17:32:12.178Z" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", + "shortName": "Wordfence", + "dateUpdated": "2024-03-30T11:17:25.675Z" + }, + "affected": [ + { + "vendor": "wpdevteam", + "product": "Essential Addons for Elementor \u2013 Best Elementor Templates, Widgets, Kits & WooCommerce Builders", + "versions": [ + { + "version": "*", + "status": "affected", + "lessThanOrEqual": "5.9.13", + "versionType": "semver" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "The Essential Addons for Elementor plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.9.13 via deserialization of untrusted input from the 'error_resetpassword' attribute of the \"Login | Register Form\" widget (disabled by default). This makes it possible for authenticated attackers, with author-level access and above, to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code." + } + ], + "references": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/342049e5-834e-4867-8174-01ca7bb0caa2?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3060417/essential-addons-for-elementor-lite" + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "description": "CWE-502 Deserialization of Untrusted Data" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH" + } + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "value": "Ng\u00f4 Thi\u00ean An" + } + ], + "timeline": [ + { + "time": "2024-03-27T00:00:00.000+00:00", + "lang": "en", + "value": "Vendor Notified" + }, + { + "time": "2024-03-29T00:00:00.000+00:00", + "lang": "en", + "value": "Disclosed" + } + ] + }, + "adp": [ + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "id": "CVE-2024-3018", + "role": "CISA Coordinator", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "version": "2.0.3", + "timestamp": "2024-04-01T17:33:59.355004Z" + } + } + } + ], + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2024-05-23T19:01:20.623Z" + }, + "title": "CISA ADP Vulnrichment" + } + ] + } +} \ No newline at end of file diff --git a/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data2-expected.json b/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data2-expected.json new file mode 100644 index 000000000..ba29e9f95 --- /dev/null +++ b/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data2-expected.json @@ -0,0 +1,233 @@ +{ + "aliases": [ + "CVE-2022-26915" + ], + "summary": "Windows Secure Channel Denial of Service Vulnerability", + "affected_packages": [], + "references": [ + { + "reference_id": "CVE-2022-26915", + "reference_type": "advisory", + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26915", + "severities": [ + { + "system": "cvssv3.1", + "value": 7.5, + "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C" + }, + { + "system": "ssvc", + "value": "Track", + "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-30T18:43:59Z/" + } + ] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19265:*:*:*:*:*:x64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19265:*:*:*:*:*:x64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19265:*:*:*:*:*:x86:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19265:*:*:*:*:*:x86:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5066:*:*:*:*:*:x64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5066:*:*:*:*:*:x64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5066:*:*:*:*:*:x86:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5066:*:*:*:*:*:x86:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2803:*:*:*:*:*:arm64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2803:*:*:*:*:*:arm64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2803:*:*:*:*:*:x64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2803:*:*:*:*:*:x64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2803:*:*:*:*:*:x86:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2803:*:*:*:*:*:x86:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.2212:*:*:*:*:*:x64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.2212:*:*:*:*:*:x64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.2212:*:*:*:*:*:x64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.2212:*:*:*:*:*:x64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.2212:*:*:*:*:*:x86:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.2212:*:*:*:*:*:x86:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1645:*:*:*:*:*:arm64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1645:*:*:*:*:*:arm64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1645:*:*:*:*:*:x86:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1645:*:*:*:*:*:x86:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1645:*:*:*:*:*:arm64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1645:*:*:*:*:*:arm64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1645:*:*:*:*:*:x64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1645:*:*:*:*:*:x64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1645:*:*:*:*:*:x86:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1645:*:*:*:*:*:x86:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19043.1645:*:*:*:*:*:x86:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_21H2:10.0.19043.1645:*:*:*:*:*:x86:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.1645:*:*:*:*:*:arm64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.1645:*:*:*:*:*:arm64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.1645:*:*:*:*:*:x64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.1645:*:*:*:*:*:x64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.613:*:*:*:*:*:arm64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.613:*:*:*:*:*:arm64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.613:*:*:*:*:*:x64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.613:*:*:*:*:*:x64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_7:6.1.7601.25924:sp1:*:*:*:*:x64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_7:6.1.7601.25924:sp1:*:*:*:*:x64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_7:6.1.7601.25924:sp1:*:*:*:*:x86:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_7:6.1.7601.25924:sp1:*:*:*:*:x86:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20337:*:*:*:*:*:x64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20337:*:*:*:*:*:x64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20337:*:*:*:*:*:x86:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20337:*:*:*:*:*:x86:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20337:*:*:*:*:*:*:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20337:*:*:*:*:*:*:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.25924:*:*:*:*:*:x64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.25924:*:*:*:*:*:x64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21446:*:*:*:*:*:x64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21446:*:*:*:*:*:x64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21446:*:*:*:*:*:x86:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21446:*:*:*:*:*:x86:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23679:*:*:*:*:*:x64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23679:*:*:*:*:*:x64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20337:*:*:*:*:*:x64:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20337:*:*:*:*:*:x64:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5066:*:*:*:*:*:*:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5066:*:*:*:*:*:*:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2803:*:*:*:*:*:*:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2803:*:*:*:*:*:*:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.643:*:*:*:*:*:*:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.643:*:*:*:*:*:*:*", + "severities": [] + }, + { + "reference_id": "cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1645:*:*:*:*:*:*:*", + "reference_type": "other", + "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1645:*:*:*:*:*:*:*", + "severities": [] + } + ], + "date_published": "2022-04-15T19:05:52", + "weaknesses": [], + "url": "http://test.com" +} \ No newline at end of file diff --git a/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data2.json b/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data2.json new file mode 100644 index 000000000..5d7e241a5 --- /dev/null +++ b/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data2.json @@ -0,0 +1,606 @@ +{ + "containers": { + "cna": { + "title": "Windows Secure Channel Denial of Service Vulnerability", + "datePublic": "2022-04-12T08:00:00+00:00", + "affected": [ + { + "vendor": "Microsoft", + "product": "Windows 10 Version 1809", + "cpes": [ + "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2803:*:*:*:*:*:x86:*", + "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2803:*:*:*:*:*:x64:*", + "cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2803:*:*:*:*:*:arm64:*" + ], + "platforms": [ + "32-bit Systems", + "x64-based Systems", + "ARM64-based Systems" + ], + "versions": [ + { + "version": "10.0.0", + "lessThan": "10.0.17763.2803", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server 2019", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2803:*:*:*:*:*:*:*" + ], + "platforms": [ + "x64-based Systems" + ], + "versions": [ + { + "version": "10.0.0", + "lessThan": "10.0.17763.2803", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server 2019 (Server Core installation)", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2803:*:*:*:*:*:*:*" + ], + "platforms": [ + "x64-based Systems" + ], + "versions": [ + { + "version": "10.0.0", + "lessThan": "10.0.17763.2803", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows 10 Version 1909", + "cpes": [ + "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.2212:*:*:*:*:*:x86:*", + "cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.2212:*:*:*:*:*:x64:*", + "cpe:2.3:o:microsoft:windows_10_1809:10.0.18363.2212:*:*:*:*:*:x64:*" + ], + "platforms": [ + "32-bit Systems", + "x64-based Systems", + "ARM64-based Systems" + ], + "versions": [ + { + "version": "10.0.0", + "lessThan": "10.0.18363.2212", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows 10 Version 21H1", + "cpes": [ + "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1645:*:*:*:*:*:x64:*", + "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1645:*:*:*:*:*:arm64:*", + "cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1645:*:*:*:*:*:x86:*" + ], + "platforms": [ + "x64-based Systems", + "ARM64-based Systems", + "32-bit Systems" + ], + "versions": [ + { + "version": "10.0.0", + "lessThan": "10.0.19043.1645", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server 2022", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.643:*:*:*:*:*:*:*" + ], + "platforms": [ + "x64-based Systems" + ], + "versions": [ + { + "version": "10.0.0", + "lessThan": "10.0.20348.643", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows 10 Version 20H2", + "cpes": [ + "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1645:*:*:*:*:*:x86:*", + "cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1645:*:*:*:*:*:arm64:*" + ], + "platforms": [ + "32-bit Systems", + "ARM64-based Systems" + ], + "versions": [ + { + "version": "10.0.0", + "lessThan": "10.0.19042.1645", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server version 20H2", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1645:*:*:*:*:*:*:*" + ], + "platforms": [ + "x64-based Systems" + ], + "versions": [ + { + "version": "10.0.0", + "lessThan": "10.0.19042.1645", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows 11 version 21H2", + "cpes": [ + "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.613:*:*:*:*:*:x64:*", + "cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.613:*:*:*:*:*:arm64:*" + ], + "platforms": [ + "x64-based Systems", + "ARM64-based Systems" + ], + "versions": [ + { + "version": "10.0.0", + "lessThan": "10.0.22000.613", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows 10 Version 21H2", + "cpes": [ + "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19043.1645:*:*:*:*:*:x86:*", + "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.1645:*:*:*:*:*:arm64:*", + "cpe:2.3:o:microsoft:windows_10_21H2:10.0.19044.1645:*:*:*:*:*:x64:*" + ], + "platforms": [ + "32-bit Systems", + "ARM64-based Systems" + ], + "versions": [ + { + "version": "10.0.0", + "lessThan": "10.0.19043.1645", + "versionType": "custom", + "status": "affected" + }, + { + "version": "10.0.0", + "lessThan": "10.0.19044.1645", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows 10 Version 1507", + "cpes": [ + "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19265:*:*:*:*:*:x86:*", + "cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19265:*:*:*:*:*:x64:*" + ], + "platforms": [ + "32-bit Systems", + "x64-based Systems" + ], + "versions": [ + { + "version": "10.0.0", + "lessThan": "10.0.10240.19265", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows 10 Version 1607", + "cpes": [ + "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5066:*:*:*:*:*:x86:*", + "cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.5066:*:*:*:*:*:x64:*" + ], + "platforms": [ + "32-bit Systems", + "x64-based Systems" + ], + "versions": [ + { + "version": "10.0.0", + "lessThan": "10.0.14393.5066", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server 2016", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5066:*:*:*:*:*:*:*" + ], + "platforms": [ + "x64-based Systems" + ], + "versions": [ + { + "version": "10.0.0", + "lessThan": "10.0.14393.5066", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server 2016 (Server Core installation)", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.5066:*:*:*:*:*:*:*" + ], + "platforms": [ + "x64-based Systems" + ], + "versions": [ + { + "version": "10.0.0", + "lessThan": "10.0.14393.5066", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows 7", + "cpes": [ + "cpe:2.3:o:microsoft:windows_7:6.1.7601.25924:sp1:*:*:*:*:x86:*" + ], + "platforms": [ + "32-bit Systems" + ], + "versions": [ + { + "version": "6.1.0", + "lessThan": "6.1.7601.25924", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows 7 Service Pack 1", + "cpes": [ + "cpe:2.3:o:microsoft:windows_7:6.1.7601.25924:sp1:*:*:*:*:x64:*" + ], + "platforms": [ + "x64-based Systems" + ], + "versions": [ + { + "version": "6.1.0", + "lessThan": "6.1.7601.25924", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows 8.1", + "cpes": [ + "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20337:*:*:*:*:*:x86:*", + "cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20337:*:*:*:*:*:x64:*", + "cpe:2.3:o:microsoft:windows_rt_8.1:6.3.9600.20337:*:*:*:*:*:*:*" + ], + "platforms": [ + "32-bit Systems", + "x64-based Systems", + "ARM64-based Systems" + ], + "versions": [ + { + "version": "6.3.0", + "lessThan": "6.3.9600.20337", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server 2008 Service Pack 2", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21446:*:*:*:*:*:x64:*" + ], + "platforms": [ + "32-bit Systems" + ], + "versions": [ + { + "version": "6.0.0", + "lessThan": "6.0.6003.21446", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21446:*:*:*:*:*:x64:*", + "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21446:*:*:*:*:*:x86:*" + ], + "platforms": [ + "32-bit Systems", + "x64-based Systems" + ], + "versions": [ + { + "version": "6.0.0", + "lessThan": "6.0.6003.21446", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server 2008 Service Pack 2", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21446:*:*:*:*:*:x86:*" + ], + "platforms": [ + "x64-based Systems" + ], + "versions": [ + { + "version": "6.0.0", + "lessThan": "6.0.6003.21446", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server 2008 R2 Service Pack 1", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.25924:*:*:*:*:*:x64:*" + ], + "platforms": [ + "x64-based Systems" + ], + "versions": [ + { + "version": "6.1.0", + "lessThan": "6.1.7601.25924", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.25924:*:*:*:*:*:x64:*" + ], + "platforms": [ + "x64-based Systems" + ], + "versions": [ + { + "version": "6.0.0", + "lessThan": "6.1.7601.25924", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server 2012", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23679:*:*:*:*:*:x64:*" + ], + "platforms": [ + "x64-based Systems" + ], + "versions": [ + { + "version": "6.2.0", + "lessThan": "6.2.9200.23679", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server 2012 (Server Core installation)", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23679:*:*:*:*:*:x64:*" + ], + "platforms": [ + "x64-based Systems" + ], + "versions": [ + { + "version": "6.2.0", + "lessThan": "6.2.9200.23679", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server 2012 R2", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20337:*:*:*:*:*:x64:*" + ], + "platforms": [ + "x64-based Systems" + ], + "versions": [ + { + "version": "6.3.0", + "lessThan": "6.3.9600.20337", + "versionType": "custom", + "status": "affected" + } + ] + }, + { + "vendor": "Microsoft", + "product": "Windows Server 2012 R2 (Server Core installation)", + "cpes": [ + "cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20337:*:*:*:*:*:x64:*" + ], + "platforms": [ + "x64-based Systems" + ], + "versions": [ + { + "version": "6.3.0", + "lessThan": "6.3.9600.20337", + "versionType": "custom", + "status": "affected" + } + ] + } + ], + "descriptions": [ + { + "value": "Windows Secure Channel Denial of Service Vulnerability", + "lang": "en-US" + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "description": "Denial of Service", + "lang": "en-US", + "type": "Impact" + } + ] + } + ], + "providerMetadata": { + "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", + "shortName": "microsoft", + "dateUpdated": "2024-05-29T14:36:41.369Z" + }, + "references": [ + { + "name": "Windows Secure Channel Denial of Service Vulnerability", + "tags": [ + "vendor-advisory" + ], + "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26915" + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en-US", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 7.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C" + } + } + ] + }, + "adp": [ + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "id": "CVE-2022-26915", + "role": "CISA Coordinator", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "partial" + } + ], + "version": "2.0.3", + "timestamp": "2024-05-30T18:43:59.085457Z" + } + } + } + ], + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2024-05-30T18:44:03.461Z" + }, + "title": "CISA ADP Vulnrichment" + } + ] + }, + "cveMetadata": { + "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", + "assignerShortName": "microsoft", + "cveId": "CVE-2022-26915", + "datePublished": "2022-04-15T19:05:52", + "dateReserved": "2022-03-11T00:00:00", + "dateUpdated": "2024-06-04T17:16:14.274Z", + "state": "PUBLISHED" + }, + "dataType": "CVE_RECORD", + "dataVersion": "5.1" +} \ No newline at end of file diff --git a/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data3-expected.json b/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data3-expected.json new file mode 100644 index 000000000..4dc6f49d4 --- /dev/null +++ b/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data3-expected.json @@ -0,0 +1,48 @@ +{ + "aliases": [ + "CVE-2024-4901" + ], + "summary": "An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, where a stored XSS vulnerability could be imported from a project with malicious commit notes.", + "affected_packages": [], + "references": [ + { + "reference_id": "461773", + "reference_type": "bug", + "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/461773", + "severities": [ + { + "system": "cvssv3.1", + "value": 8.7, + "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" + }, + { + "system": "ssvc", + "value": "Track", + "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-28T03:55:15Z/" + } + ] + }, + { + "reference_id": "2500163", + "reference_type": "exploit", + "url": "https://hackerone.com/reports/2500163", + "severities": [ + { + "system": "cvssv3.1", + "value": 8.7, + "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" + }, + { + "system": "ssvc", + "value": "Track", + "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-28T03:55:15Z/" + } + ] + } + ], + "date_published": "2024-06-26T23:31:05.422000+00:00", + "weaknesses": [ + 79 + ], + "url": "http://test.com" +} \ No newline at end of file diff --git a/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data3.json b/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data3.json new file mode 100644 index 000000000..9eaddd7c9 --- /dev/null +++ b/vulnerabilities/tests/test_data/vulnrichment/vulnrichment-data3.json @@ -0,0 +1,210 @@ +{ + "dataType": "CVE_RECORD", + "containers": { + "adp": [ + { + "title": "CISA ADP Vulnrichment", + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "id": "CVE-2024-4901", + "role": "CISA Coordinator", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "version": "2.0.3", + "timestamp": "2024-06-28T03:55:15.710247Z" + } + } + } + ], + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:16.9.0:*:*:*:*:*:*:*" + ], + "vendor": "gitlab", + "product": "gitlab", + "versions": [ + { + "status": "affected", + "version": "16.9.0", + "lessThan": "16.11.5", + "versionType": "custom" + } + ], + "defaultStatus": "unknown" + }, + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:17.0:*:*:*:*:*:*:*" + ], + "vendor": "gitlab", + "product": "gitlab", + "versions": [ + { + "status": "affected", + "version": "17.0", + "lessThan": "17.0.3", + "versionType": "custom" + } + ], + "defaultStatus": "unknown" + }, + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:17.1:*:*:*:*:*:*:*" + ], + "vendor": "gitlab", + "product": "gitlab", + "versions": [ + { + "status": "affected", + "version": "17.1", + "lessThan": "17.1.1", + "versionType": "custom" + } + ], + "defaultStatus": "unknown" + } + ], + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2024-06-28T13:08:54.273Z" + } + } + ], + "cna": { + "title": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab", + "credits": [ + { + "lang": "en", + "type": "finder", + "value": "Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program" + } + ], + "metrics": [ + { + "format": "CVSS", + "cvssV3_1": { + "scope": "CHANGED", + "version": "3.1", + "baseScore": 8.7, + "attackVector": "NETWORK", + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N", + "integrityImpact": "HIGH", + "userInteraction": "REQUIRED", + "attackComplexity": "LOW", + "availabilityImpact": "NONE", + "privilegesRequired": "LOW", + "confidentialityImpact": "HIGH" + }, + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ] + } + ], + "affected": [ + { + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "product": "GitLab", + "versions": [ + { + "status": "affected", + "version": "16.9", + "lessThan": "16.11.5", + "versionType": "semver" + }, + { + "status": "affected", + "version": "17.0", + "lessThan": "17.0.3", + "versionType": "semver" + }, + { + "status": "affected", + "version": "17.1", + "lessThan": "17.1.1", + "versionType": "semver" + } + ], + "defaultStatus": "unaffected" + } + ], + "solutions": [ + { + "lang": "en", + "value": "Upgrade to versions 17.1.1, 17.0.3, 16.11.5 or above." + } + ], + "references": [ + { + "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/461773", + "name": "GitLab Issue #461773", + "tags": [ + "issue-tracking", + "permissions-required" + ] + }, + { + "url": "https://hackerone.com/reports/2500163", + "name": "HackerOne Bug Bounty Report #2500163", + "tags": [ + "technical-description", + "exploit", + "permissions-required" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, where a stored XSS vulnerability could be imported from a project with malicious commit notes." + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "type": "CWE", + "cweId": "CWE-79", + "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ], + "providerMetadata": { + "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", + "shortName": "GitLab", + "dateUpdated": "2024-06-26T23:31:05.422Z" + } + } + }, + "cveMetadata": { + "cveId": "CVE-2024-4901", + "state": "PUBLISHED", + "dateUpdated": "2024-06-28T13:08:59.344Z", + "dateReserved": "2024-05-15T09:30:34.902Z", + "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", + "datePublished": "2024-06-26T23:31:05.422Z", + "assignerShortName": "GitLab" + }, + "dataVersion": "5.1" +} \ No newline at end of file diff --git a/vulnerabilities/tests/test_vulnrichment.py b/vulnerabilities/tests/test_vulnrichment.py new file mode 100644 index 000000000..7c52122ec --- /dev/null +++ b/vulnerabilities/tests/test_vulnrichment.py @@ -0,0 +1,69 @@ +import json +import os +from unittest import TestCase + +from vulnerabilities.importers.vulnrichment import parse_cve_advisory +from vulnerabilities.importers.vulnrichment import ssvc_calculator +from vulnerabilities.tests import util_tests + +BASE_DIR = os.path.dirname(os.path.abspath(__file__)) +TEST_DATA = os.path.join(BASE_DIR, "test_data/vulnrichment") + + +class TestVulnrichmentImporter(TestCase): + def test_to_advisories1(self): + with open(os.path.join(TEST_DATA, "vulnrichment-data1.json")) as f: + mock_response = json.load(f) + expected_file = os.path.join(TEST_DATA, "vulnrichment-data1-expected.json") + imported_data = parse_cve_advisory(mock_response, advisory_url="http://test.com") + result = imported_data.to_dict() + util_tests.check_results_against_json(result, expected_file) + + def test_to_advisorie2(self): + with open(os.path.join(TEST_DATA, "vulnrichment-data2.json")) as f: + mock_response = json.load(f) + expected_file = os.path.join(TEST_DATA, "vulnrichment-data2-expected.json") + imported_data = parse_cve_advisory(mock_response, advisory_url="http://test.com") + result = imported_data.to_dict() + util_tests.check_results_against_json(result, expected_file) + + def test_to_advisorie3(self): + with open(os.path.join(TEST_DATA, "vulnrichment-data3.json")) as f: + mock_response = json.load(f) + expected_file = os.path.join(TEST_DATA, "vulnrichment-data3-expected.json") + imported_data = parse_cve_advisory(mock_response, advisory_url="http://test.com") + result = imported_data.to_dict() + util_tests.check_results_against_json(result, expected_file) + + def test_make_ssvc_vector1(self): + assert ssvc_calculator( + { + "id": "CVE-2024-5396", + "role": "CISA Coordinator", + "options": [ + {"Exploitation": "poc"}, + {"Automatable": "no"}, + {"Technical Impact": "partial"}, + ], + "version": "2.0.3", + "timestamp": "2024-05-28T15:58:04.187512Z", + } + ) == ("SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:58:04Z/", "Track") + + def test_make_ssvc_vector2(self): + assert ssvc_calculator( + { + "id": "CVE-2024-5396", + "role": "CISA Coordinator", + "options": [ + {"Exploitation": "active"}, + {"Automatable": "no"}, + {"Technical Impact": "total"}, + {"Mission Prevalence": "Minimal"}, + {"Public Well-being Impact": "Material"}, + {"Mission & Well-being": "medium"}, + ], + "version": "2.0.3", + "timestamp": "2024-05-28T15:58:04.187512Z", + } + ) == ("SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-28T15:58:04Z/", "Attend") diff --git a/vulnerabilities/views.py b/vulnerabilities/views.py index 68ce09faf..88128b509 100644 --- a/vulnerabilities/views.py +++ b/vulnerabilities/views.py @@ -11,6 +11,7 @@ from cvss.exceptions import CVSS2MalformedError from cvss.exceptions import CVSS3MalformedError +from cvss.exceptions import CVSS4MalformedError from django.contrib import messages from django.core.exceptions import ValidationError from django.core.mail import send_mail @@ -147,7 +148,12 @@ def get_context_data(self, **kwargs): try: vector_values = SCORING_SYSTEMS[s.scoring_system].get(s.scoring_elements) severity_vectors.append(vector_values) - except (CVSS2MalformedError, CVSS3MalformedError, NotImplementedError): + except ( + CVSS2MalformedError, + CVSS3MalformedError, + CVSS4MalformedError, + NotImplementedError, + ): logging.error(f"CVSSMalformedError for {s.scoring_elements}") if s.value: