These are base class for CVSS::v2, CVSS::v3 and CVSS::v4 classes.
METHODS
$cvss->version
Return the CVSS version.
$cvss->vector_string
Return the CVSS vector string.
$cvss->metrics
Return the HASH of CVSS metrics.
SCORE&SEVERITY
$cvss->scores
Return the HASH of calculated score (base, impact, temporal, etc.).
$scores = $cvss->scores;
say Dumper($scores);
# { "base" => "7.4",
# "exploitability" => "1.6",
# "impact" => "5.9" }
$cvss->calculate_score
Performs the calculation of the score in accordance with the CVSS specification.
$cvss->score_to_severity ( $score )
Convert the score in severity
$cvss->base_score
Return the base score (0 - 10).
$cvss->base_severity
Return the base severity (LOW, MEDIUM, HIGH or CRITICAL).
$cvss->temporal_score
Return the temporal score (0 - 10) -- (CVSS 2.0/3.x)
$cvss->temporal_severity
Return the temporal severity (LOW, MEDIUM, HIGH or CRITICAL) -- (CVSS 2.0/3.x)
$cvss->environmental_score
Return the environmental score (0 - 10) -- (CVSS 2.0/3.x)
$cvss->environmental_severity
Return the environmental severity (LOW, MEDIUM, HIGH or CRITICAL) -- (CVSS 2.0/3.x)
$cvss->impact_score
Return the impact score (0 - 10) -- (CVSS 2.0/3.x)
$cvss->exploitability_score
Return the exploitability score (0 - 10) -- (CVSS 2.0/3.x)
$cvss->modified_impact_score
Return the modified impact score (0 - 10) -- (CVSS 2.0/3.x)
METRICS
$cvss->M ( $metric )
Return the metric value (short)
say $cvss->M('AV'); # A
$cvss->metric ( $metric )
Return the metric value (long)
say $cvss->metric('AV'); # ADJACENT_NETWORK
$cvss->metric_group_is_set ( $group )
DATAREPRESENTATIONS
$cvss->to_vector_string
Convert the CVSS object in vector string
say $cvss->to_vector_string; # CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
# or
say $cvss; # CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
$cvss->to_xml
Convert the CVSS object in XML in according of CVSS XML Schema Definition.
• https://nvd.nist.gov/schema/cvss-v2_0.2.xsd - XSD for CVSS v2.0
• https://www.first.org/cvss/cvss-v3.0.xsd - XSD for CVSS v3.0
• https://www.first.org/cvss/cvss-v3.1.xsd - XSD for CVSS v3.1
• https://www.first.org/cvss/cvss-v4.0.xsd - XSD for CVSS v4.0
say $cvss->to_xml;
# <?xml version="1.0" encoding="UTF-8"?>
# <cvssv3.1 xmlns="https://www.first.org/cvss/cvss-v3.1.xsd"
# xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
# xsi:schemaLocation="https://www.first.org/cvss/cvss-v3.1.xsd https://www.first.org/cvss/cvss-v3.1.xsd"
# >
#
# <base_metrics>
# <attack-vector>ADJACENT_NETWORK</attack-vector>
# <attack-complexity>LOW</attack-complexity>
# <privileges-required>LOW</privileges-required>
# <user-interaction>REQUIRED</user-interaction>
# <scope>UNCHANGED</scope>
# <confidentiality-impact>HIGH</confidentiality-impact>
# <integrity-impact>HIGH</integrity-impact>
# <availability-impact>HIGH</availability-impact>
# <base-score>7.4</base-score>
# <base-severity>HIGH</base-severity>
# </base_metrics>
#
# </cvssv3.1>
$cvss->TO_JSON
Helper method for JSON modules (JSON, JSON::PP, JSON::XS, Mojo::JSON, etc).
Convert the CVSS object in JSON format in according of CVSS JSON Schema.
• https://www.first.org/cvss/cvss-v2.0.json - JSON Schema for CVSS v2.0.
• https://www.first.org/cvss/cvss-v3.0.json - JSON Schema for CVSS v3.0.
• https://www.first.org/cvss/cvss-v3.1.json - JSON Schema for CVSS v3.1.
• https://www.first.org/cvss/cvss-v4.0.json - JSON Schema for CVSS v4.0.
use Mojo::JSON qw(encode_json);
say encode_json($cvss);
# {
# "attackComplexity" : "LOW",
# "attackVector" : "ADJACENT_NETWORK",
# "availabilityImpact" : "HIGH",
# "baseScore" : 7.4,
# "baseSeverity" : "HIGH",
# "confidentialityImpact" : "HIGH",
# "integrityImpact" : "HIGH",
# "privilegesRequired" : "LOW",
# "scope" : "UNCHANGED",
# "userInteraction" : "REQUIRED",
# "vectorString" : "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
# "version" : "3.1"
# }
CONSTANTS
$cvss->ATTRIBUTES
Returns the HASH of all metrics in "{ "JSON name" => "metric", ... }" format.
$cvss->METRIC_GROUPS
Returns the HASH of the metric group (base, environmental, temporal, etc.) and its metrics.
$cvss->METRIC_NAMES
Returns the HASH of the names of all metric values.
$cvss->METRIC_VALUES
Returns the HASH of all metric values.
$cvss->NOT_DEFINED_VALUE
Returns the NOT_DEFINED vector value ("ND" or "X").
$cvss->SCORE_SEVERITY
Returns the HASH of "{ severity => { min => score, max => score }, ... }" used by
"score_to_severity".
$cvss->VECTOR_STRING_REGEX
Return the Vector String REGEX.
Install Now
PNG Icons
