1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
package cvss
//go:generate stringer -linecomment -type=v3Key
// CVSS v3 metric key
type v3Key byte
const (
v3AttackVector v3Key = iota // AV
v3AttackComplexity // AC
v3PrivilegesRequired // PR
v3UserInteraction // UI
v3Scope // S
v3Confidentiality // C
v3Integrity // I
v3Availability // A
v3ExploitCodeMaturity // E
v3RemediationLevel // RL
v3ReportConfidence // RC
v3ConfidentialityRequirement // CR
v3IntegrityRequirement // IR
v3AvailabilityRequirement // AR
v3ModifiedAttackVector // MAV
v3ModifiedAttackComplexity // MAC
v3ModifiedPrivilegesRequired // MPR
v3ModifiedUserInteraction // MUI
v3ModifiedScope // MS
v3ModifiedConfidentiality // MC
v3ModifiedIntegrity // MI
v3ModifiedAvailability // MA
v3InvalidKey // invalid
)
// CVSS v3 metric key info lut
var v3Keys = map[v3Key]struct {
Name string
Category Category
} {
v3AttackVector: { "Attack Vector", Base },
v3AttackComplexity: { "Attack Complexity", Base },
v3PrivilegesRequired: { "Privileges Required", Base },
v3UserInteraction: { "User Interaction", Base },
v3Scope: { "Scope", Base },
v3Confidentiality: { "Confidentiality", Base },
v3Integrity: { "Integrity", Base },
v3Availability: { "Availability", Base },
v3ExploitCodeMaturity: { "Exploit Code Maturity", Temporal },
v3RemediationLevel: { "Remediation Level", Temporal },
v3ReportConfidence: { "Report Confidence", Temporal },
v3ConfidentialityRequirement: { "Confidentiality Requirement", Environmental },
v3IntegrityRequirement: { "Integrity Requirement", Environmental },
v3AvailabilityRequirement: { "Availability Requirement", Environmental },
v3ModifiedAttackVector: { "Modified Attack Vector", Environmental },
v3ModifiedAttackComplexity: { "Modified Attack Complexity", Environmental },
v3ModifiedPrivilegesRequired: { "Modified Privileges Required", Environmental },
v3ModifiedUserInteraction: { "Modified User Interaction", Environmental },
v3ModifiedScope: { "Modified Scope", Environmental },
v3ModifiedConfidentiality: { "Modified Confidentiality", Environmental },
v3ModifiedIntegrity: { "Modified Integrity", Environmental },
v3ModifiedAvailability: { "Modified Availability", Environmental },
}
// // metric key IDs lut
// var v3KeyIds = map[string]v3Key {
// "AV": v3AttackVector,
// "AC": v3AttackComplexity,
// "PR": v3PrivilegesRequired,
// "UI": v3UserInteraction,
// "S": v3Scope,
// "C": v3Confidentiality,
// "I": v3Integrity,
// "A": v3Availability,
// "E": v3ExploitCodeMaturity,
// "RL": v3RemediationLevel,
// "RC": v3ReportConfidence,
// "CR": v3ConfidentialityRequirement,
// "IR": v3IntegrityRequirement,
// "AR": v3AvailabilityRequirement,
// "MAV": v3ModifiedAttackVector,
// "MAC": v3ModifiedAttackComplexity,
// "MPR": v3ModifiedPrivilegesRequired,
// "MUI": v3ModifiedUserInteraction,
// "MS": v3ModifiedScope,
// "MC": v3ModifiedConfidentiality,
// "MI": v3ModifiedIntegrity,
// "MA": v3ModifiedAvailability,
// }
//
// // Get metric key from string.
// func getV3KeyFromString(s string) (v3Key, error) {
// k, ok := v3KeyIds[s]
// if ok {
// return k, nil
// } else {
// return v3InvalidKey, newBadKey(V30, s)
// }
// }
// Get metric key name.
func (k v3Key) Name() string {
if data, ok := v3Keys[k]; ok {
return data.Name
} else {
return "invalid"
}
}
// Get metric key category.
func (k v3Key) Category() Category {
if data, ok := v3Keys[k]; ok {
return data.Category
} else {
return InvalidCategory
}
}
|
