Cvss3ScoringEngine | vuln-vects

Implements a service offering CVSS v3 vulnerability scoring.

remarks: Consumers should ensure that they make sure of the validation features built in to this class in the form of the validate and isValid functions. Attempting to call computeScore on an instance with an invalid configuration will raise an exception.

Hierarchy

Cvss3ScoringEngine

Implements

CvssScoringEngine

Index

Constructors

constructor

Methods

Constructors

constructor

new Cvss3ScoringEngine(): Cvss3ScoringEngine

- Defined in cvss3-scoring-engine.ts:77
Initializes a new instance of a service offering CVSS v3 vulnerability scoring.

Returns Cvss3ScoringEngine

Properties

Private _attackComplexity

_attackComplexity: AttackComplexity

Private _attackVector

_attackVector: AttackVector

Private _availabilityImpact

_availabilityImpact: Impact

Private _availabilityRequirement

_availabilityRequirement: SecurityRequirement

Private _confidentialityImpact

_confidentialityImpact: Impact

Private _confidentialityRequirement

_confidentialityRequirement: SecurityRequirement

Private _exploitCodeMaturity

_exploitCodeMaturity: ExploitCodeMaturity

Private _integrityImpact

_integrityImpact: Impact

Private _integrityRequirement

_integrityRequirement: SecurityRequirement

Private _modifiedAttackComplexity

_modifiedAttackComplexity: AttackComplexity

Private _modifiedAttackVector

_modifiedAttackVector: AttackVector

Private _modifiedAvailabilityImpact

_modifiedAvailabilityImpact: Impact

Private _modifiedConfidentialityImpact

_modifiedConfidentialityImpact: Impact

Private _modifiedIntegrityImpact

_modifiedIntegrityImpact: Impact

Private _modifiedPrivilegesRequired

_modifiedPrivilegesRequired: PrivilegesRequired

Private _modifiedScope

_modifiedScope: Scope

Private _modifiedUserInteraction

_modifiedUserInteraction: UserInteraction

Private _privilegesRequired

_privilegesRequired: PrivilegesRequired

Private _remediationLevel

_remediationLevel: RemediationLevel

Private _reportConfidence

_reportConfidence: ReportConfidence

Private _scope

_scope: Scope

Private _userInteraction

_userInteraction: UserInteraction

Accessors

attackComplexity

get attackComplexity(): AttackComplexity
set attackComplexity(attackComplexity: AttackComplexity): void

- Defined in cvss3-scoring-engine.ts:121
Gets or sets the attack complexity.

Returns AttackComplexity
- Defined in cvss3-scoring-engine.ts:124
Gets or sets the attack complexity.

Parameters
- attackComplexity: AttackComplexity
Returns void

attackVector

get attackVector(): AttackVector
set attackVector(attackVector: AttackVector): void

- Defined in cvss3-scoring-engine.ts:111
Gets or sets the attack vector.

Returns AttackVector
- Defined in cvss3-scoring-engine.ts:114
Gets or sets the attack vector.

Parameters
- attackVector: AttackVector
Returns void

availabilityImpact

get availabilityImpact(): Impact
set availabilityImpact(availabilityImpact: Impact): void

- Defined in cvss3-scoring-engine.ts:181
Gets or sets the availability impact.

Returns Impact
- Defined in cvss3-scoring-engine.ts:184
Gets or sets the availability impact.

Parameters
- availabilityImpact: Impact
Returns void

availabilityRequirement

get availabilityRequirement(): SecurityRequirement
set availabilityRequirement(availabilityRequirement: SecurityRequirement): void

- Defined in cvss3-scoring-engine.ts:321
Gets or sets the availability requirement.

Returns SecurityRequirement
- Defined in cvss3-scoring-engine.ts:324
Gets or sets the availability requirement.

Parameters
- availabilityRequirement: SecurityRequirement
Returns void

confidentialityImpact

get confidentialityImpact(): Impact
set confidentialityImpact(confidentialityImpact: Impact): void

- Defined in cvss3-scoring-engine.ts:161
Gets or sets the confidentiality impact.

Returns Impact
- Defined in cvss3-scoring-engine.ts:164
Gets or sets the confidentiality impact.

Parameters
- confidentialityImpact: Impact
Returns void

confidentialityRequirement

get confidentialityRequirement(): SecurityRequirement
set confidentialityRequirement(confidentialityRequirement: SecurityRequirement): void

- Defined in cvss3-scoring-engine.ts:301
Gets or sets the confidentiality requirement.

Returns SecurityRequirement
- Defined in cvss3-scoring-engine.ts:304
Gets or sets the confidentiality requirement.

Parameters
- confidentialityRequirement: SecurityRequirement
Returns void

exploitCodeMaturity

get exploitCodeMaturity(): ExploitCodeMaturity
set exploitCodeMaturity(exploitCodeMaturity: ExploitCodeMaturity): void

- Defined in cvss3-scoring-engine.ts:191
Gets or sets the exploit code maturity.

Returns ExploitCodeMaturity
- Defined in cvss3-scoring-engine.ts:194
Gets or sets the exploit code maturity.

Parameters
- exploitCodeMaturity: ExploitCodeMaturity
Returns void

integrityImpact

get integrityImpact(): Impact
set integrityImpact(integrityImpact: Impact): void

- Defined in cvss3-scoring-engine.ts:171
Gets or sets the integrity impact.

Returns Impact
- Defined in cvss3-scoring-engine.ts:174
Gets or sets the integrity impact.

Parameters
- integrityImpact: Impact
Returns void

integrityRequirement

get integrityRequirement(): SecurityRequirement
set integrityRequirement(integrityRequirement: SecurityRequirement): void

- Defined in cvss3-scoring-engine.ts:311
Gets or sets the integrity requirement.

Returns SecurityRequirement
- Defined in cvss3-scoring-engine.ts:314
Gets or sets the integrity requirement.

Parameters
- integrityRequirement: SecurityRequirement
Returns void

modifiedAttackComplexity

get modifiedAttackComplexity(): AttackComplexity
set modifiedAttackComplexity(modifiedAttackComplexity: AttackComplexity): void

- Defined in cvss3-scoring-engine.ts:231
Gets or sets the modified attack complexity.

Returns AttackComplexity
- Defined in cvss3-scoring-engine.ts:234
Gets or sets the modified attack complexity.

Parameters
- modifiedAttackComplexity: AttackComplexity
Returns void

modifiedAttackVector

get modifiedAttackVector(): AttackVector
set modifiedAttackVector(modifiedAttackVector: AttackVector): void

- Defined in cvss3-scoring-engine.ts:221
Gets or sets the modified attack vector.

Returns AttackVector
- Defined in cvss3-scoring-engine.ts:224
Gets or sets the modified attack vector.

Parameters
- modifiedAttackVector: AttackVector
Returns void

modifiedAvailabilityImpact

get modifiedAvailabilityImpact(): Impact
set modifiedAvailabilityImpact(modifiedAvailabilityImpact: Impact): void

- Defined in cvss3-scoring-engine.ts:291
Gets or sets modified availability impact

Returns Impact
- Defined in cvss3-scoring-engine.ts:294
Gets or sets modified availability impact

Parameters
- modifiedAvailabilityImpact: Impact
Returns void

modifiedConfidentialityImpact

get modifiedConfidentialityImpact(): Impact
set modifiedConfidentialityImpact(modifiedConfidentialityImpact: Impact): void

- Defined in cvss3-scoring-engine.ts:271
Gets or sets modified confidentiality impact

Returns Impact
- Defined in cvss3-scoring-engine.ts:274
Gets or sets modified confidentiality impact

Parameters
- modifiedConfidentialityImpact: Impact
Returns void

modifiedIntegrityImpact

get modifiedIntegrityImpact(): Impact
set modifiedIntegrityImpact(modifiedIntegrityImpact: Impact): void

- Defined in cvss3-scoring-engine.ts:281
Gets or sets modified integrity impact

Returns Impact
- Defined in cvss3-scoring-engine.ts:284
Gets or sets modified integrity impact

Parameters
- modifiedIntegrityImpact: Impact
Returns void

modifiedPrivilegesRequired

get modifiedPrivilegesRequired(): PrivilegesRequired
set modifiedPrivilegesRequired(modifiedPrivilegesRequired: PrivilegesRequired): void

- Defined in cvss3-scoring-engine.ts:241
Gets or sets the Privileges Required.

Returns PrivilegesRequired
- Defined in cvss3-scoring-engine.ts:244
Gets or sets the Privileges Required.

Parameters
- modifiedPrivilegesRequired: PrivilegesRequired
Returns void

modifiedScope

get modifiedScope(): Scope
set modifiedScope(modifiedScope: Scope): void

- Defined in cvss3-scoring-engine.ts:261
Gets or sets scope

Returns Scope
- Defined in cvss3-scoring-engine.ts:264
Gets or sets scope

Parameters
- modifiedScope: Scope
Returns void

modifiedUserInteraction

get modifiedUserInteraction(): UserInteraction
set modifiedUserInteraction(modifiedUserInteraction: UserInteraction): void

- Defined in cvss3-scoring-engine.ts:251
Gets or sets the user interaction.

Returns UserInteraction
- Defined in cvss3-scoring-engine.ts:254
Gets or sets the user interaction.

Parameters
- modifiedUserInteraction: UserInteraction
Returns void

privilegesRequired

get privilegesRequired(): PrivilegesRequired
set privilegesRequired(privilegesRequired: PrivilegesRequired): void

- Defined in cvss3-scoring-engine.ts:131
Gets or sets the Privileges Required.

Returns PrivilegesRequired
- Defined in cvss3-scoring-engine.ts:134
Gets or sets the Privileges Required.

Parameters
- privilegesRequired: PrivilegesRequired
Returns void

remediationLevel

get remediationLevel(): RemediationLevel
set remediationLevel(remediationLevel: RemediationLevel): void

- Defined in cvss3-scoring-engine.ts:201
Gets or sets the remediation level.

Returns RemediationLevel
- Defined in cvss3-scoring-engine.ts:204
Gets or sets the remediation level.

Parameters
- remediationLevel: RemediationLevel
Returns void

reportConfidence

get reportConfidence(): ReportConfidence
set reportConfidence(reportConfidence: ReportConfidence): void

- Defined in cvss3-scoring-engine.ts:211
Gets or sets the report confidence.

Returns ReportConfidence
- Defined in cvss3-scoring-engine.ts:214
Gets or sets the report confidence.

Parameters
- reportConfidence: ReportConfidence
Returns void

scope

get scope(): Scope
set scope(scope: Scope): void

- Defined in cvss3-scoring-engine.ts:151
Gets or sets scope

Returns Scope
- Defined in cvss3-scoring-engine.ts:154
Gets or sets scope

Parameters
- scope: Scope
Returns void

userInteraction

get userInteraction(): UserInteraction
set userInteraction(userInteraction: UserInteraction): void

- Defined in cvss3-scoring-engine.ts:141
Gets or sets the user interaction.

Returns UserInteraction
- Defined in cvss3-scoring-engine.ts:144
Gets or sets the user interaction.

Parameters
- userInteraction: UserInteraction
Returns void

Methods

Private computeBaseImpactSubscore

computeBaseImpactSubscore(): number

- Defined in cvss3-scoring-engine.ts:489
Computes the base impact subscore (called ISC_Base) in the specification.

Returns number

the base impact subscore

Private computeBaseScore

computeBaseScore(): number

- Defined in cvss3-scoring-engine.ts:606
Computes the base score.

Returns number

the base score

Private computeEnvironmentalScore

computeEnvironmentalScore(): number

- Defined in cvss3-scoring-engine.ts:774
Computes the environmental score.

Returns number

the Environmental score.

Private computeExploitabilitySubscore

computeExploitabilitySubscore(): number

- Defined in cvss3-scoring-engine.ts:588
Computes the exploitability subscore.

Returns number

the exploitability subscore

Private computeImpactSubscore

computeImpactSubscore(): number

- Defined in cvss3-scoring-engine.ts:505
Computes the impact subscore (called ISC in the specification).

Returns number

the impact subscore

Private computeIscModified

computeIscModified(): number

- Defined in cvss3-scoring-engine.ts:717
Computes the value defined in the specification as ISC_Modified.

Returns number

the value defined in the specification as ISC_Modified.

Private computeModifiedExploitabilitySubscore

computeModifiedExploitabilitySubscore(): number

- Defined in cvss3-scoring-engine.ts:758
Computes the modified exploitability subscore.

Returns number

the modified exploitability subscore

Private computeModifiedImpactSubscore

computeModifiedImpactSubscore(): number

- Defined in cvss3-scoring-engine.ts:741
Computes the modified impact subscore.

Returns number

the modified impact subscore.

Private computeOverallScore

computeOverallScore(): number

- Defined in cvss3-scoring-engine.ts:831
Computes the overall score.

Returns number

the overall score

computeScore

computeScore(): CvssScore

Implementation of CvssScoringEngine.computeScore
- Defined in cvss3-scoring-engine.ts:847
Computes the CVSS score set under the current configuration.

Returns CvssScore

the computed CVSS score set

Private computeTemporalScore

computeTemporalScore(): number

- Defined in cvss3-scoring-engine.ts:680
Computes the temporal score.

Returns number

the temporal score

Private getModifiedAttackComplexityValue

getModifiedAttackComplexityValue(): AttackComplexity

- Defined in cvss3-scoring-engine.ts:343
Gets the modified attack complexity if defined, otherwise returns the base attack complexity.

Returns AttackComplexity

the modified attack complexity if defined, otherwise the base attack complexity

Private getModifiedAttackVectorValue

getModifiedAttackVectorValue(): AttackVector

- Defined in cvss3-scoring-engine.ts:333
Gets the modified attack vector if defined, otherwise returns the base attack vector.

Returns AttackVector

the modified attack vector if defined, otherwise the base attack vector

Private getModifiedAvailabilityImpactValue

getModifiedAvailabilityImpactValue(): Impact

- Defined in cvss3-scoring-engine.ts:403
Gets the modified availability impact if defined, otherwise returns the base availability impact.

Returns Impact

the modified availability impact if defined, otherwise the base availability impact

Private getModifiedConfidentialityImpactValue

getModifiedConfidentialityImpactValue(): Impact

- Defined in cvss3-scoring-engine.ts:383
Gets the modified confidentiality impact if defined, otherwise returns the base confidentiality impact.

Returns Impact

the modified confidentiality impact if defined, otherwise the base confidentiality impact

Private getModifiedIntegrityImpactValue

getModifiedIntegrityImpactValue(): Impact

- Defined in cvss3-scoring-engine.ts:393
Gets the modified integrity impact if defined, otherwise returns the base integrity impact.

Returns Impact

the modified integrity impact if defined, otherwise the base integrity impact

Private getModifiedPrivilegesRequiredValue

getModifiedPrivilegesRequiredValue(): PrivilegesRequired

- Defined in cvss3-scoring-engine.ts:353
Gets the modified privileges required if defined, otherwise returns the base privileges required.

Returns PrivilegesRequired

the modified privileges required if defined, otherwise the base privileges required

Private getModifiedScopeValue

getModifiedScopeValue(): Scope

- Defined in cvss3-scoring-engine.ts:373
Gets the modified scope if defined, otherwise returns the base scope.

Returns Scope

the modified scope if defined, otherwise the base scope

Private getModifiedUserInteractionValue

getModifiedUserInteractionValue(): UserInteraction

- Defined in cvss3-scoring-engine.ts:363
Gets the modified user interaction if defined, otherwise returns the base user interaction.

Returns UserInteraction

the modified user interaction if defined, otherwise the base user interaction

isEnvironmentalScoreDefined

isEnvironmentalScoreDefined(): boolean

- Defined in cvss3-scoring-engine.ts:812
Gets whether or not an environmental score is defined.

Returns boolean

true if an environmental score is defined, otherwise false

isTemporalScoreDefined

isTemporalScoreDefined(): boolean

- Defined in cvss3-scoring-engine.ts:801
Gets whether or not a temporal score is defined.

Returns boolean

true if a temporal score is defined, otherwise false

isValid

isValid(): boolean

Implementation of CvssScoringEngine.isValid
- Defined in cvss3-scoring-engine.ts:463
Validates that this instance is ready to compute a CVSS score.

Returns boolean

true if this instance is ready to compute a CVSS score, otherwise false

validate

validate(): ScoreValidationError[]

Implementation of CvssScoringEngine.validate
- Defined in cvss3-scoring-engine.ts:413
Audits the readiness of this instance to compute a CVSS score.

Returns ScoreValidationError[]

a list of validation errors discovered that must be addressed before score generation

Static Private renderAttackComplexity

renderAttackComplexity(attackComplexity: AttackComplexity): number

- Defined in cvss3-scoring-engine.ts:541
Converts an AttackComplexity enum value to a number for use in calculations.

Parameters
- attackComplexity: AttackComplexity
  
  the enum value to convert
Returns number

Static Private renderAttackVector

renderAttackVector(attackVector: AttackVector): number

- Defined in cvss3-scoring-engine.ts:522
Converts an AttackVector enum value to a number for use in calculations.

Parameters
- attackVector: AttackVector
  
  the enum value to convert
Returns number

Static Private renderExploitCodeMaturity

renderExploitCodeMaturity(exploitCodeMaturity: ExploitCodeMaturity): number

- Defined in cvss3-scoring-engine.ts:625
Converts an ExploitCodeMaturity enum value to a number for use in calculations.

Parameters
- exploitCodeMaturity: ExploitCodeMaturity
  
  the enum value to convert
Returns number

Static Private renderImpact

renderImpact(impact: Impact): number

- Defined in cvss3-scoring-engine.ts:472
Converts an Impact enum value to a number for use in calculations.

Parameters
- impact: Impact
  
  the enum value to convert
Returns number

Static Private renderPrivilegesRequired

renderPrivilegesRequired(privilegesRequired: PrivilegesRequired, scope: Scope): number

- Defined in cvss3-scoring-engine.ts:556
Converts a PrivilegesRequired enum value to a number for use in calculations.

Parameters
- privilegesRequired: PrivilegesRequired
  
  the enum value to convert
- scope: Scope
Returns number

Static Private renderRemediationLevel

renderRemediationLevel(remediationLevel: RemediationLevel): number

- Defined in cvss3-scoring-engine.ts:644
Converts a RemediationLevel enum value to a number for use in calculations.

Parameters
- remediationLevel: RemediationLevel
  
  the enum value to convert
Returns number

Static Private renderReportConfidence

renderReportConfidence(reportConfidence: ReportConfidence): number

- Defined in cvss3-scoring-engine.ts:663
Converts a ReportConfidence enum value to a number for use in calculations.

Parameters
- reportConfidence: ReportConfidence
  
  the enum value to convert
Returns number

Static Private renderSecurityRequirement

renderSecurityRequirement(securityRequirement: SecurityRequirement): number

- Defined in cvss3-scoring-engine.ts:700
Converts a SecurityRequirement enum value to a number for use in calculations.

Parameters
- securityRequirement: SecurityRequirement
  
  the enum value to convert
Returns number

Static Private renderUserInteraction

renderUserInteraction(userInteraction: UserInteraction): number

- Defined in cvss3-scoring-engine.ts:573
Converts a UserInteraction enum value to a number for use in calculations.

Parameters
- userInteraction: UserInteraction
Returns number

Hierarchy

Implements

Index

Constructors

Properties

Accessors

Methods

Constructors

constructor

Returns Cvss3ScoringEngine

Properties

Private _attackComplexity

Private _attackVector

Private _availabilityImpact

Private _availabilityRequirement

Private _confidentialityImpact

Private _confidentialityRequirement

Private _exploitCodeMaturity

Private _integrityImpact

Private _integrityRequirement

Private _modifiedAttackComplexity

Private _modifiedAttackVector

Private _modifiedAvailabilityImpact

Private _modifiedConfidentialityImpact

Private _modifiedIntegrityImpact

Private _modifiedPrivilegesRequired

Private _modifiedScope

Private _modifiedUserInteraction

Private _privilegesRequired

Private _remediationLevel

Private _reportConfidence

Private _scope

Private _userInteraction

Accessors

attackComplexity

Returns AttackComplexity

Parameters

attackComplexity: AttackComplexity

Returns void

attackVector

Returns AttackVector

Parameters

attackVector: AttackVector

Returns void

availabilityImpact

Returns Impact

Parameters

availabilityImpact: Impact

Returns void

availabilityRequirement

Returns SecurityRequirement

Parameters

availabilityRequirement: SecurityRequirement

Returns void

confidentialityImpact

Returns Impact

Parameters

confidentialityImpact: Impact

Returns void

confidentialityRequirement

Returns SecurityRequirement

Parameters

confidentialityRequirement: SecurityRequirement

Returns void

exploitCodeMaturity

Returns ExploitCodeMaturity

Parameters

exploitCodeMaturity: ExploitCodeMaturity

Returns void

integrityImpact

Returns Impact

Parameters

integrityImpact: Impact

Returns void

integrityRequirement

Returns SecurityRequirement

Parameters

integrityRequirement: SecurityRequirement

Returns void

modifiedAttackComplexity