Committer: root <root@fruw.org>

powershell/cve-sort/README.md

@@ -0,0 +1,2 @@
+# cve-sort
+

powershell/cve-sort/cve-sort.sh

@@ -0,0 +1,30 @@
+#!/usr/bin/env bash
+echo "CVE;Вердиткт;Критичность уязвимости;Вектор атаки;Комментарий" > cve-out.csv
+MAX_CVE=$(wc -l cve-in | grep -o [0-9]*)
+for CVE in $(cat cve-in)
+do
+  let "CURRENT_CVE++"
+  CURL_CVE=$(curl -s https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=$CVE)
+  ATTACK_VECTOR=$(echo $CURL_CVE | grep -o '"accessVector":"[^"]*' | egrep -o '[^"]*$')
+  BASE_SCORE=$(printf "%.0f" $(echo $CURL_CVE | egrep -o '"baseScore":[0-9]?[0-9]\.[0-9]' \
+  | egrep -o '[0-9]?[0-9]\.[0-9]' | head -1))
+  DESCRIPTION=$(echo $CURL_CVE | grep -o '"value":"[^"]*' | egrep -o '[^"]*$')
+  if [[ "$ATTACK_VECTOR" == *"PHYSICAL"* ]]
+  then
+    VERDICT="НЕ ОБНОВЛЯТЬ!"
+  elif [[ "$BASE_SCORE" -le 3 ]]
+  then
+    VERDICT="НЕ ОБНОВЛЯТЬ!"
+  elif [[ "$BASE_SCORE" -gt 7 ]]
+  then
+    VERDICT="ОБНОВЛЯТЬ!"
+  elif [[ "$ATTACK_VECTOR" != *"LOCAL"* ]]
+  then
+    VERDICT="ОБНОВЛЯТЬ!"
+  else
+    VERDICT="НЕ ОБНОВЛЯТЬ!"
+  fi
+  echo "$CVE;$VERDICT;$BASE_SCORE;$ATTACK_VECTOR;$DESCRIPTION" >> cve-out.csv
+  echo "$CURRENT_CVE/$MAX_CVE - $CVE"
+  sleep 20
+done