aboutsummaryrefslogtreecommitdiff
path: root/internal/cvss/v3key.go
blob: 035620bf44c4b932ad528c02ab628566df161b6a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
package cvss

import (
  "strings"
)

//go:generate stringer -linecomment -type=v3Key
//go:generate stringer -linecomment -type=v3Metric

// CVSS v3 metric key
type v3Key byte

const (
  v3AttackVector v3Key = iota // AV
  v3AttackComplexity // AC
  v3PrivilegesRequired // PR
  v3UserInteraction // UI
  v3Scope // S
  v3Confidentiality // C
  v3Integrity // I
  v3Availability // A
  v3ExploitCodeMaturity // E
  v3RemediationLevel // RL
  v3ReportConfidence // RC
  v3ConfidentialityRequirement // CR
  v3IntegrityRequirement // IR
  v3AvailabilityRequirement // AR
  v3ModifiedAttackVector // MAV
  v3ModifiedAttackComplexity // MAC
  v3ModifiedPrivilegesRequired // MPR
  v3ModifiedUserInteraction // MUI
  v3ModifiedScope // MS
  v3ModifiedConfidentiality // MC
  v3ModifiedIntegrity // MI
  v3ModifiedAvailability // MA

  v3InvalidKey // invalid
)

// CVSS v3 metric key info lut
var v3Keys = map[v3Key]struct {
  Name string
  Category Category
} {
  v3AttackVector: { "Attack Vector", Base },
  v3AttackComplexity: { "Attack Complexity", Base },
  v3PrivilegesRequired: { "Privileges Required", Base },
  v3UserInteraction: { "User Interaction", Base },
  v3Scope: { "Scope", Base },
  v3Confidentiality: { "Confidentiality", Base },
  v3Integrity: { "Integrity", Base },
  v3Availability: { "Availability", Base },
  v3ExploitCodeMaturity: { "Exploit Code Maturity", Temporal },
  v3RemediationLevel: { "Remediation Level", Temporal },
  v3ReportConfidence: { "Report Confidence", Temporal },
  v3ConfidentialityRequirement: { "Confidentiality Requirement", Environmental },
  v3IntegrityRequirement: { "Integrity Requirement", Environmental },
  v3AvailabilityRequirement: { "Availability Requirement", Environmental },
  v3ModifiedAttackVector: { "Modified Attack Vector", Environmental },
  v3ModifiedAttackComplexity: { "Modified Attack Complexity", Environmental },
  v3ModifiedPrivilegesRequired: { "Modified Privileges Required", Environmental },
  v3ModifiedUserInteraction: { "Modified User Interaction", Environmental },
  v3ModifiedScope: { "Modified Scope", Environmental },
  v3ModifiedConfidentiality: { "Modified Confidentiality", Environmental },
  v3ModifiedIntegrity: { "Modified Integrity", Environmental },
  v3ModifiedAvailability: { "Modified Availability", Environmental },
}

// metric key IDs lut
var v3KeyIds = map[string]v3Key {
  "AV": v3AttackVector,
  "AC": v3AttackComplexity,
  "PR": v3PrivilegesRequired,
  "UI": v3UserInteraction,
  "S": v3Scope,
  "C": v3Confidentiality,
  "I": v3Integrity,
  "A": v3Availability,
  "E": v3ExploitCodeMaturity,
  "RL": v3RemediationLevel,
  "RC": v3ReportConfidence,
  "CR": v3ConfidentialityRequirement,
  "IR": v3IntegrityRequirement,
  "AR": v3AvailabilityRequirement,
  "MAV": v3ModifiedAttackVector,
  "MAC": v3ModifiedAttackComplexity,
  "MPR": v3ModifiedPrivilegesRequired,
  "MUI": v3ModifiedUserInteraction,
  "MS": v3ModifiedScope,
  "MC": v3ModifiedConfidentiality,
  "MI": v3ModifiedIntegrity,
  "MA": v3ModifiedAvailability,
}

// // Get metric key from string.
// func getV3KeyFromString(s string) (v3Key, error) {
//   k, ok := v3KeyIds[s]
//   if ok {
//     return k, nil
//   } else {
//     return v3InvalidKey, newBadKey(V30, s)
//   }
// }

// Get metric key name.
func (k v3Key) Name() string {
  return v3Keys[k].Name
}

// Get metric key category.
func (k v3Key) Category() Category {
  return v3Keys[k].Category
}