public static CvssV2BaseScore FromVectorString(string vectorString)
{
vectorString = vectorString ?? throw new ArgumentNullException(nameof(vectorString));
if (string.IsNullOrWhiteSpace(vectorString))
{
throw new ArgumentException("Not a valid CVSS V3 vector string, invalid format", nameof(vectorString));
}
var cvssV2BaseScore = new CvssV2BaseScore
{
AccessVector = VectorStringParser <CvssV2Enums.AccessVector> .Parse(vectorString),
AccessComplexity = VectorStringParser <CvssV2Enums.AccessComplexity> .Parse(vectorString),
Authentication = VectorStringParser <CvssV2Enums.Authentication> .Parse(vectorString),
ConfidentialityImpact = VectorStringParser <CvssV2Enums.ConfidentialityImpact> .Parse(vectorString),
IntegrityImpact = VectorStringParser <CvssV2Enums.IntegrityImpact> .Parse(vectorString),
AvailabilityImpact = VectorStringParser <CvssV2Enums.AvailabilityImpact> .Parse(vectorString),
};
var hasAllRequiredValues = true;
hasAllRequiredValues = hasAllRequiredValues && cvssV2BaseScore.AccessVector != CvssV2Enums.AccessVector.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV2BaseScore.AccessComplexity != CvssV2Enums.AccessComplexity.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV2BaseScore.Authentication != CvssV2Enums.Authentication.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV2BaseScore.ConfidentialityImpact != CvssV2Enums.ConfidentialityImpact.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV2BaseScore.IntegrityImpact != CvssV2Enums.IntegrityImpact.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV2BaseScore.AvailabilityImpact != CvssV2Enums.AvailabilityImpact.NotSpecified;
if (!hasAllRequiredValues)
{
throw new ArgumentException("Not a valid CVSS V2 vector string, missing required metric", nameof(vectorString));
}
return(cvssV2BaseScore);
}
public CvssV2Score()
{
BaseScore = new CvssV2BaseScore();
TemporalScore = new CvssV2TemporalScore();
EnvironmentalScore = new CvssV2EnvironmentalScore();
}
public static CvssV3BaseScore FromCvssV2BaseScore(CvssV2BaseScore cvssV2BaseScore)
{
var cvssV3BaseScore = new CvssV3BaseScore();
switch (cvssV2BaseScore.AccessVector)
{
case CvssV2Enums.AccessVector.Network:
cvssV3BaseScore.AttackVector = CvssV3Enums.AttackVector.Network;
break;
case CvssV2Enums.AccessVector.AdjacentNetwork:
cvssV3BaseScore.AttackVector = CvssV3Enums.AttackVector.Adjacent;
break;
}
switch (cvssV2BaseScore.Authentication)
{
case CvssV2Enums.Authentication.None:
cvssV3BaseScore.PrivilegesRequired = CvssV3Enums.PrivilegesRequired.None;
break;
}
switch (cvssV2BaseScore.ConfidentialityImpact)
{
case CvssV2Enums.ConfidentialityImpact.Complete:
cvssV3BaseScore.Confidentiality = CvssV3Enums.Confidentiality.High;
break;
case CvssV2Enums.ConfidentialityImpact.Partial:
cvssV3BaseScore.Confidentiality = CvssV3Enums.Confidentiality.Low;
break;
case CvssV2Enums.ConfidentialityImpact.None:
cvssV3BaseScore.Confidentiality = CvssV3Enums.Confidentiality.None;
break;
}
switch (cvssV2BaseScore.IntegrityImpact)
{
case CvssV2Enums.IntegrityImpact.Complete:
cvssV3BaseScore.Integrity = CvssV3Enums.Integrity.High;
break;
case CvssV2Enums.IntegrityImpact.Partial:
cvssV3BaseScore.Integrity = CvssV3Enums.Integrity.Low;
break;
case CvssV2Enums.IntegrityImpact.None:
cvssV3BaseScore.Integrity = CvssV3Enums.Integrity.None;
break;
}
switch (cvssV2BaseScore.AvailabilityImpact)
{
case CvssV2Enums.AvailabilityImpact.Complete:
cvssV3BaseScore.Availability = CvssV3Enums.Availability.High;
break;
case CvssV2Enums.AvailabilityImpact.Partial:
cvssV3BaseScore.Availability = CvssV3Enums.Availability.Low;
break;
case CvssV2Enums.AvailabilityImpact.None:
cvssV3BaseScore.Availability = CvssV3Enums.Availability.None;
break;
}
return(cvssV3BaseScore);
}
