public static CvssV2BaseScore FromVectorString(string vectorString)
{
vectorString = vectorString ?? throw new ArgumentNullException(nameof(vectorString));
if (string.IsNullOrWhiteSpace(vectorString))
{
throw new ArgumentException("Not a valid CVSS V3 vector string, invalid format", nameof(vectorString));
}
var cvssV2BaseScore = new CvssV2BaseScore
{
AccessVector = VectorStringParser <CvssV2Enums.AccessVector> .Parse(vectorString),
AccessComplexity = VectorStringParser <CvssV2Enums.AccessComplexity> .Parse(vectorString),
Authentication = VectorStringParser <CvssV2Enums.Authentication> .Parse(vectorString),
ConfidentialityImpact = VectorStringParser <CvssV2Enums.ConfidentialityImpact> .Parse(vectorString),
IntegrityImpact = VectorStringParser <CvssV2Enums.IntegrityImpact> .Parse(vectorString),
AvailabilityImpact = VectorStringParser <CvssV2Enums.AvailabilityImpact> .Parse(vectorString),
};
var hasAllRequiredValues = true;
hasAllRequiredValues = hasAllRequiredValues && cvssV2BaseScore.AccessVector != CvssV2Enums.AccessVector.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV2BaseScore.AccessComplexity != CvssV2Enums.AccessComplexity.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV2BaseScore.Authentication != CvssV2Enums.Authentication.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV2BaseScore.ConfidentialityImpact != CvssV2Enums.ConfidentialityImpact.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV2BaseScore.IntegrityImpact != CvssV2Enums.IntegrityImpact.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV2BaseScore.AvailabilityImpact != CvssV2Enums.AvailabilityImpact.NotSpecified;
if (!hasAllRequiredValues)
{
throw new ArgumentException("Not a valid CVSS V2 vector string, missing required metric", nameof(vectorString));
}
return(cvssV2BaseScore);
}
public static CvssV3TemporalScore FromVectorString(string vectorString)
{
vectorString = vectorString ?? throw new ArgumentNullException(nameof(vectorString));
if (string.IsNullOrWhiteSpace(vectorString) ||
!Regex.IsMatch(vectorString, "^CVSS:3\\.0\\/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])\\/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"))
{
throw new ArgumentException("Not a valid CVSS V3 vector string, invalid format", nameof(vectorString));
}
var cvssV3TemporalScore = new CvssV3TemporalScore
{
ExploitCodeMaturity = VectorStringParser <CvssV3Enums.ExploitCodeMaturity> .Parse(vectorString),
RemediationLevel = VectorStringParser <CvssV3Enums.RemediationLevel> .Parse(vectorString),
ReportConfidence = VectorStringParser <CvssV3Enums.ReportConfidence> .Parse(vectorString),
};
return(cvssV3TemporalScore);
}
public static CvssV3BaseScore FromVectorString(string vectorString)
{
vectorString = vectorString ?? throw new ArgumentNullException(nameof(vectorString));
if (string.IsNullOrWhiteSpace(vectorString) ||
!Regex.IsMatch(vectorString, "^CVSS:3\\.0\\/((AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])\\/)*(AV:[NALP]|AC:[LH]|PR:[UNLH]|UI:[NR]|S:[UC]|[CIA]:[NLH]|E:[XUPFH]|RL:[XOTWU]|RC:[XURC]|[CIA]R:[XLMH]|MAV:[XNALP]|MAC:[XLH]|MPR:[XUNLH]|MUI:[XNR]|MS:[XUC]|M[CIA]:[XNLH])$"))
{
throw new ArgumentException("Not a valid CVSS V3 vector string, invalid format", nameof(vectorString));
}
var cvssV3BaseScore = new CvssV3BaseScore
{
AttackVector = VectorStringParser <CvssV3Enums.AttackVector> .Parse(vectorString),
AttackComplexity = VectorStringParser <CvssV3Enums.AttackComplexity> .Parse(vectorString),
PrivilegesRequired = VectorStringParser <CvssV3Enums.PrivilegesRequired> .Parse(vectorString),
UserInteraction = VectorStringParser <CvssV3Enums.UserInteraction> .Parse(vectorString),
Scope = VectorStringParser <CvssV3Enums.Scope> .Parse(vectorString),
Confidentiality = VectorStringParser <CvssV3Enums.Confidentiality> .Parse(vectorString),
Integrity = VectorStringParser <CvssV3Enums.Integrity> .Parse(vectorString),
Availability = VectorStringParser <CvssV3Enums.Availability> .Parse(vectorString),
};
var hasAllRequiredValues = true;
hasAllRequiredValues = hasAllRequiredValues && cvssV3BaseScore.AttackVector != CvssV3Enums.AttackVector.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV3BaseScore.AttackComplexity != CvssV3Enums.AttackComplexity.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV3BaseScore.PrivilegesRequired != CvssV3Enums.PrivilegesRequired.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV3BaseScore.UserInteraction != CvssV3Enums.UserInteraction.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV3BaseScore.Scope != CvssV3Enums.Scope.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV3BaseScore.Confidentiality != CvssV3Enums.Confidentiality.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV3BaseScore.Integrity != CvssV3Enums.Integrity.NotSpecified;
hasAllRequiredValues = hasAllRequiredValues && cvssV3BaseScore.Availability != CvssV3Enums.Availability.NotSpecified;
if (!hasAllRequiredValues)
{
throw new ArgumentException("Not a valid CVSS V3 vector string, missing required metric", nameof(vectorString));
}
return(cvssV3BaseScore);
}
