diff options
Diffstat (limited to 'cvss/v2metric.go')
| -rw-r--r-- | cvss/v2metric.go | 244 |
1 files changed, 244 insertions, 0 deletions
diff --git a/cvss/v2metric.go b/cvss/v2metric.go new file mode 100644 index 0000000..2dee41a --- /dev/null +++ b/cvss/v2metric.go @@ -0,0 +1,244 @@ +package cvss + +//go:generate stringer -linecomment -type=v2Metric + +// CVSS v2 metric value +type v2Metric byte + +const ( + v2AVNetwork v2Metric = iota // AV:N + v2AVAdjacentNetwork // AV:A + v2AVLocal // AV:L + + v2ACLow // AC:L + v2ACMedium // AC:M + v2ACHigh // AC:H + + v2AuMultiple // Au:M + v2AuSingle // Au:S + v2AuNone // Au:N + + v2CNone // C:N + v2CPartial // C:P + v2CComplete // C:C + + v2INone // I:N + v2IPartial // I:P + v2IComplete // I:C + + v2ANone // A:N + v2APartial // A:P + v2AComplete // A:C + + v2ENotDefined // E:ND + v2EUnproven // E:U + v2EProofOfConcept // E:POC + v2EFunctional // E:F + v2EHigh // E:H + + v2RLOfficialFix // RL:OF + v2RLTemporaryFix // RL:TF + v2RLWorkaround // RL:W + v2RLUnavailable // RL:U + v2RLNotDefined // RL:ND + + v2RCUnconfirmed // RC:UC + v2RCUncorroborated // RC:UR + v2RCConfirmed // RC:C + v2RCNotDefined // RC:ND + + v2CDPNone // CDP:N + v2CDPLow // CDP:L + v2CDPLowMedium // CDP:LM + v2CDPMediumHigh // CDP:MH + v2CDPHigh // CDP:H + v2CDPNotDefined // CDP:ND + + v2TDNone // TD:N + v2TDLow // TD:L + v2TDMedium // TD:M + v2TDHigh // TD:H + v2TDNotDefined // TD:ND + + v2CRLow // CR:L + v2CRMedium // CR:M + v2CRHigh // CR:H + v2CRNotDefined // CR:ND + + v2IRLow // IR:L + v2IRMedium // IR:M + v2IRHigh // IR:H + v2IRNotDefined // IR:ND + + v2ARLow // AR:L + v2ARMedium // AR:M + v2ARHigh // AR:H + v2ARNotDefined // AR:ND + + v2InvalidMetric // invalid +) + +// map of metrics to metric keys +var v2KeyLut = map[v2Metric]v2Key { + v2AVNetwork: v2AccessVector, + v2AVAdjacentNetwork: v2AccessVector, + v2AVLocal: v2AccessVector, + + v2ACLow: v2AccessComplexity, + v2ACMedium: v2AccessComplexity, + v2ACHigh: v2AccessComplexity, + + v2AuMultiple: v2Authentication, + v2AuSingle: v2Authentication, + v2AuNone: v2Authentication, + + v2CNone: v2ConfidentialityImpact, + v2CPartial: v2ConfidentialityImpact, + v2CComplete: v2ConfidentialityImpact, + + v2INone: v2IntegrityImpact, + v2IPartial: v2IntegrityImpact, + v2IComplete: v2IntegrityImpact, + + v2ANone: v2AvailabilityImpact, + v2APartial: v2AvailabilityImpact, + v2AComplete: v2AvailabilityImpact, + + v2ENotDefined: v2Exploitability, + v2EUnproven: v2Exploitability, + v2EProofOfConcept: v2Exploitability, + v2EFunctional: v2Exploitability, + v2EHigh: v2Exploitability, + + v2RLOfficialFix: v2RemediationLevel, + v2RLTemporaryFix: v2RemediationLevel, + v2RLWorkaround: v2RemediationLevel, + v2RLUnavailable: v2RemediationLevel, + v2RLNotDefined: v2RemediationLevel, + + v2RCUnconfirmed: v2ReportConfidence, + v2RCUncorroborated: v2ReportConfidence, + v2RCConfirmed: v2ReportConfidence, + v2RCNotDefined: v2ReportConfidence, + + v2CDPNone: v2CollateralDamagePotential, + v2CDPLow: v2CollateralDamagePotential, + v2CDPLowMedium: v2CollateralDamagePotential, + v2CDPMediumHigh: v2CollateralDamagePotential, + v2CDPHigh: v2CollateralDamagePotential, + v2CDPNotDefined: v2CollateralDamagePotential, + + v2TDNone: v2TargetDistribution, + v2TDLow: v2TargetDistribution, + v2TDMedium: v2TargetDistribution, + v2TDHigh: v2TargetDistribution, + v2TDNotDefined: v2TargetDistribution, + + v2CRLow: v2ConfidentialityRequirement, + v2CRMedium: v2ConfidentialityRequirement, + v2CRHigh: v2ConfidentialityRequirement, + v2CRNotDefined: v2ConfidentialityRequirement, + + v2IRLow: v2IntegrityRequirement, + v2IRMedium: v2IntegrityRequirement, + v2IRHigh: v2IntegrityRequirement, + v2IRNotDefined: v2IntegrityRequirement, + + v2ARLow: v2AvailabilityRequirement, + v2ARMedium: v2AvailabilityRequirement, + v2ARHigh: v2AvailabilityRequirement, + v2ARNotDefined: v2AvailabilityRequirement, +} + +// map of metric strings to metrics +var v2MetricStrLut = map[string]v2Metric { + "AV:N": v2AVNetwork, + "AV:A": v2AVAdjacentNetwork, + "AV:L": v2AVLocal, + + "AC:L": v2ACLow, + "AC:M": v2ACMedium, + "AC:H": v2ACHigh, + + "Au:M": v2AuMultiple, + "Au:S": v2AuSingle, + "Au:N": v2AuNone, + + "C:N": v2CNone, + "C:P": v2CPartial, + "C:C": v2CComplete, + + "I:N": v2INone, + "I:P": v2IPartial, + "I:C": v2IComplete, + + "A:N": v2ANone, + "A:P": v2APartial, + "A:C": v2AComplete, + + "E:ND": v2ENotDefined, + "E:U": v2EUnproven, + "E:POC": v2EProofOfConcept, + "E:F": v2EFunctional, + "E:H": v2EHigh, + + "RL:OF": v2RLOfficialFix, + "RL:TF": v2RLTemporaryFix, + "RL:W": v2RLWorkaround, + "RL:U": v2RLUnavailable, + "RL:ND": v2RLNotDefined, + + "RC:UC": v2RCUnconfirmed, + "RC:UR": v2RCUncorroborated, + "RC:C": v2RCConfirmed, + "RC:ND": v2RCNotDefined, + + "CDP:N": v2CDPNone, + "CDP:L": v2CDPLow, + "CDP:LM": v2CDPLowMedium, + "CDP:MH": v2CDPMediumHigh, + "CDP:H": v2CDPHigh, + "CDP:ND": v2CDPNotDefined, + + "TD:N": v2TDNone, + "TD:L": v2TDLow, + "TD:M": v2TDMedium, + "TD:H": v2TDHigh, + "TD:ND": v2TDNotDefined, + + "CR:L": v2CRLow, + "CR:M": v2CRMedium, + "CR:H": v2CRHigh, + "CR:ND": v2CRNotDefined, + + "IR:L": v2IRLow, + "IR:M": v2IRMedium, + "IR:H": v2IRHigh, + "IR:ND": v2IRNotDefined, + + "AR:L": v2ARLow, + "AR:M": v2ARMedium, + "AR:H": v2ARHigh, + "AR:ND": v2ARNotDefined, +} + +// Convert string to CVSS 2.0 metric. +func getV2Metric(s string) (v2Metric, error) { + // get metric + m, ok := v2MetricStrLut[s] + if !ok { + return v2InvalidMetric, newBadMetric(V20, s) + } + + // return success + return m, nil +} + +// Get CVSS 2.0 metric key. +func (m v2Metric) Key() Key { + if k, ok := v2KeyLut[m]; ok { + return k + } else { + return v2InvalidKey + } +} |