update
cn-kali-team committed Nov 24, 2023
1 parent f059c7a commit 0475af6
Showing 9 changed files with 356 additions and 153 deletions.
173 changes: 165 additions & 8 deletions cve/src/api/mod.rs
@@ -1,24 +1,181 @@
use chrono::NaiveDateTime;
use serde::{Deserialize, Serialize};
use crate::{date_format, DescriptionData};
use crate::impact::ImpactMetrics;
use crate::v4::{DescriptionData, ProblemTypeDataItem, Reference};
use crate::v4::configurations::{Node};

#[derive(Debug, Serialize, Deserialize, Clone)]
#[serde(rename_all(deserialize = "camelCase"), deny_unknown_fields)]
#[serde(rename_all(deserialize = "camelCase"))]
pub struct CVE {
pub id: String,
pub source_identifier: String,
#[serde(with = "date_format")]
pub published_date: NaiveDateTime,
pub published: NaiveDateTime,
// 最后修改时间
#[serde(with = "date_format")]
pub last_modified_date: NaiveDateTime,
pub last_modified: NaiveDateTime,
pub vuln_status: VulnStatus,
pub descriptions: Vec<DescriptionData>,
pub metrics: ImpactMetrics,
pub weaknesses: Vec<ProblemTypeDataItem>,
pub configurations: Vec<Node>,
pub references: Vec<Reference>,
}

#[derive(Debug, Serialize, Deserialize, Clone)]
pub enum VulnStatus {
Analyzed
}
Analyzed,
#[serde(rename="Undergoing Analysis")]
UndergoingAnalysis,
}


#[cfg(test)]
mod tests {
use crate::api::CVE;
use crate::v4::configurations::Node;

#[test]
fn nodes() {
let j = r#"
[
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cherokee-project:cherokee_web_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2.103",
"matchCriteriaId": "DCE1E311-F9E5-4752-9F51-D5DA78B7BBFA"
}
]
}
]"#;
let i: Vec<Node> = serde_json::from_str(j).unwrap();
println!("{:?}", i);
}

#[test]
fn cve() {
let j = r#"{
"id": "CVE-2023-0001",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2023-02-08T18:15:11.523",
"lastModified": "2023-11-21T19:15:08.073",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
},
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:critical_environment:*:*:*",
"versionStartIncluding": "7.5",
"versionEndExcluding": "7.5.101",
"matchCriteriaId": "EC5B0E84-B9A5-4FE3-B2E5-A64AEF57BCF3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-0001",
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}"#;
let i: CVE = serde_json::from_str(j).unwrap();
println!("{:?}", i);
}
}
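Review bot: `VulnStatus` as extended here accepts only `Analyzed` and `Undergoing Analysis`, so a record carrying any other `vulnStatus` fails to deserialize as a whole `CVE` rather than just losing that field. The NVD API documents further statuses such as `Awaiting Analysis`, `Modified` and `Rejected`; I would add them the same way, e.g. `#[serde(rename = "Awaiting Analysis")] AwaitingAnalysis,` plus `Modified,` and `Rejected,`. The `Vec` fields `weaknesses`, `configurations` and `references` are likewise required, so if the feed omits any of them on records that are not yet analysed the parse also errors; `#[serde(default)]` on each would turn that into an empty list. Both new tests only `println!` the result, so a case with a non-`Analyzed` status and a missing `configurations` key, checked with `assert!`/`assert_eq!`, would pin this behaviour down.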
34 changes: 26 additions & 8 deletions cve/src/impact.rs
Expand Up @@ -12,13 +12,30 @@ use serde::{Deserialize, Serialize};
pub struct ImpactMetrics {
// TODO: Implement V1?
// cvssV2 过期
#[serde(skip_serializing_if = "Option::is_none")]
pub base_metric_v2: Option<ImpactMetricV2>,
#[serde(skip_serializing_if = "Option::is_none", alias = "cvssMetricV2")]
pub base_metric_v2: Option<OneOrMany<ImpactMetricV2>>,
// cvssV3
pub base_metric_v3: Option<ImpactMetricV3>,
#[serde(skip_serializing_if = "Option::is_none", alias = "cvssMetricV31")]
pub base_metric_v3: Option<OneOrMany<ImpactMetricV3>>,
// TODO: Implement V4?
}

// 为了兼容API接口返回的数据和json归档数据结构
#[derive(Debug, Serialize, Deserialize, Clone)]
#[serde(untagged)]
pub enum OneOrMany<T> {
One(T),
Many(Vec<T>),
}

impl<T> From<OneOrMany<T>> for Vec<T> {
fn from(from: OneOrMany<T>) -> Self {
match from {
OneOrMany::One(val) => vec![val],
OneOrMany::Many(vec) => vec,
}
}
}

#[cfg(test)]
mod tests {
Expand All @@ -45,12 +62,13 @@ mod tests {
"exploitabilityScore": 0.8,
"impactScore": 5.9
}}"#;
let i: ImpactMetrics = serde_json::from_str(&j).unwrap();
let i: ImpactMetrics = serde_json::from_str(j).unwrap();
println!("{:?}", i);
}

#[test]
fn test_cvss_v3(){
let j2 = r#"{"baseMetricV3":{
fn test_cvss_v3() {
let j2 = r#"{"cvssMetricV31":[{
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
Expand All @@ -67,8 +85,8 @@ mod tests {
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}}"#;
let i2: ImpactMetrics = serde_json::from_str(&j2).unwrap();
}]}"#;
let i2: ImpactMetrics = serde_json::from_str(j2).unwrap();
println!("{:?}", i2);
}
}
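Review bot: The alias added on `base_metric_v3` covers only `cvssMetricV31`, so an API record whose CVSS v3 score is published under `cvssMetricV30` leaves this field `None` (or is rejected, if the container attributes above the hunk deny unknown fields), and downstream severity triage would treat that CVE as unscored. Putting `cvssMetricV30` as a second alias on the same field would make a record that carries both keys fail with a duplicate-field error, so a separate field is safer, for example `#[serde(skip_serializing_if = "Option::is_none", alias = "cvssMetricV30")] pub base_metric_v30: Option<OneOrMany<ImpactMetricV3>>,`, assuming `ImpactMetricV3` also fits the 3.0 payload. `ImpactMetrics` begins outside the hunk, so its `rename_all` and other container attributes are not visible here. An English doc comment on `OneOrMany` saying that the archive shape appears to yield `One` and the API shape `Many` (as the two tests suggest) would also help the next reader.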
9 changes: 0 additions & 9 deletions cve/src/lib.rs
Expand Up @@ -10,8 +10,6 @@
#![doc(html_root_url = "https://emo-crab.github.io/nvd-rs/cve")]

use serde::{Deserialize, Serialize};

pub mod error;
pub mod v4;
pub mod api;
Expand All @@ -38,11 +36,4 @@ mod date_format {
let s = String::deserialize(deserializer)?;
NaiveDateTime::parse_from_str(&s, FORMAT).map_err(serde::de::Error::custom)
}
}

#[derive(Debug, Serialize, Deserialize, PartialEq, Clone)]
#[serde(deny_unknown_fields)]
pub struct DescriptionData {
pub lang: String,
pub value: String,
}