API for retrieving CVE information

Tags: information-security, cve, nist
2021-08-28 20:41:56

I'm working on a project that uses an API which returns CVE IDs. We need to programmatically fetch detailed information about those CVEs. What we mainly need is the CVSS v2 base vector (e.g. AV:A/AC:H/Au:M/C:C/I:C/A:P). A short description or summary of the vulnerability would also be nice.

For example, given CVE-2017-1000369, we need to obtain the CVSS score and summary that NIST provides for CVE-2017-1000369.

Is there a good API that takes a CVE ID as a parameter and returns the CVSS base vector? I tried this one, but found it unreliable (it sometimes doesn't include the base vector even when NIST provides one, the latency is very high, and sometimes it fails completely).

1 Answer

You can use the CVE API maintained by Red Hat. It has many options for searching vulnerabilities by a given CVE or other parameters; you can even run searches by component with a date range (before and after filters).

An example of a query you may be interested in looks like this:

https://access.redhat.com/labs/securitydataapi/cve/CVE-2017-1000369.json

The output will look like this (using the CVE you gave in your question):

{
  "threat_severity": "Low",
  "public_date": "2017-06-19T00:00:00",
  "bugzilla": {
    "description": "\nCVE-2017-1000369 Exim: Privilege escalation via multiple memory leaks\n    ",
    "id": "1457748",
    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457748"
  },
  "cvss3": {
    "cvss3_base_score": "2.9",
    "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
    "status": "draft"
  },
  "details": [
    "\nExim supports the use of multiple \"-p\" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time.\n    "
  ],
  "statement": "\nExim itself is not vulnerable to privilege escalation, but this particular flaw in exim can be used by the stackguard vulnerability (https://access.redhat.com/security/vulnerabilities/stackguard) to achieve privilege escalation.\n    ",
  "package_state": {
    "product_name": "Red Hat Enterprise Linux 5",
    "fix_state": "Will not fix",
    "package_name": "exim",
    "cpe": "cpe:/o:redhat:enterprise_linux:5"
  },
  "name": "CVE-2017-1000369"
}

The full documentation of the API can be found here.

Caveat: the data may be limited to components found in Red Hat products, but in my experience using it I haven't had much trouble with the information the API provides. This API only uses CVSS3, which may be a problem for you.

A second option (which supports CVSS2) could be the NVD/CVE as JSON files project hosted on GitHub; an example request for the same CVE you posted looks like this:

https://olbat.github.io/nvdcve/CVE-2017-1000369.json

The output will look like this:

{
  "cve": {
    "data_type": "CVE",
    "data_format": "MITRE",
    "data_version": "4.0",
    "CVE_data_meta": {
      "ID": "CVE-2017-1000369",
      "ASSIGNER": "cve@mitre.org"
    },
    "affects": {
      "vendor": {
        "vendor_data": [
          {
            "vendor_name": "exim",
            "product": {
              "product_data": [
                {
                  "product_name": "exim",
                  "version": {
                    "version_data": [
                      {
                        "version_value": "4.89",
                        "version_affected": "<="
                      }
                    ]
                  }
                }
              ]
            }
          }
        ]
      }
    },
    "problemtype": {
      "problemtype_data": [
        {
          "description": [
            {
              "lang": "en",
              "value": "CWE-264"
            }
          ]
        }
      ]
    },
    "references": {
      "reference_data": [
        {
          "url": "http://www.debian.org/security/2017/dsa-3888",
          "name": "DSA-3888",
          "refsource": "DEBIAN",
          "tags": [

          ]
        },
        {
          "url": "http://www.securityfocus.com/bid/99252",
          "name": "99252",
          "refsource": "BID",
          "tags": [
            "Third Party Advisory",
            "VDB Entry"
          ]
        },
        {
          "url": "http://www.securitytracker.com/id/1038779",
          "name": "1038779",
          "refsource": "SECTRACK",
          "tags": [

          ]
        },
        {
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000369",
          "name": "https://access.redhat.com/security/cve/CVE-2017-1000369",
          "refsource": "CONFIRM",
          "tags": [
            "Vendor Advisory"
          ]
        },
        {
          "url": "https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21",
          "name": "https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21",
          "refsource": "MISC",
          "tags": [
            "Mitigation",
            "Third Party Advisory"
          ]
        },
        {
          "url": "https://security.gentoo.org/glsa/201709-19",
          "name": "GLSA-201709-19",
          "refsource": "GENTOO",
          "tags": [

          ]
        },
        {
          "url": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
          "name": "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
          "refsource": "MISC",
          "tags": [
            "Third Party Advisory"
          ]
        }
      ]
    },
    "description": {
      "description_data": [
        {
          "lang": "en",
          "value": "Exim supports the use of multiple \"-p\" command line arguments which are malloc()'ed and never free()'ed, used in conjunction with other issues allows attackers to cause arbitrary code execution. This affects exim version 4.89 and earlier. Please note that at this time upstream has released a patch (commit 65e061b76867a9ea7aeeb535341b790b90ae6c21), but it is not known if a new point release is available that addresses this issue at this time."
        }
      ]
    }
  },
  "configurations": {
    "CVE_data_version": "4.0",
    "nodes": [
      {
        "operator": "OR",
        "cpe_match": [
          {
            "vulnerable": true,
            "cpe23Uri": "cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*",
            "versionEndIncluding": "4.89"
          }
        ]
      }
    ]
  },
  "impact": {
    "baseMetricV3": {
      "cvssV3": {
        "version": "3.0",
        "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
        "attackVector": "LOCAL",
        "attackComplexity": "LOW",
        "privilegesRequired": "NONE",
        "userInteraction": "NONE",
        "scope": "UNCHANGED",
        "confidentialityImpact": "NONE",
        "integrityImpact": "LOW",
        "availabilityImpact": "NONE",
        "baseScore": 4.0,
        "baseSeverity": "MEDIUM"
      },
      "exploitabilityScore": 2.5,
      "impactScore": 1.4
    },
    "baseMetricV2": {
      "cvssV2": {
        "version": "2.0",
        "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
        "accessVector": "LOCAL",
        "accessComplexity": "LOW",
        "authentication": "NONE",
        "confidentialityImpact": "NONE",
        "integrityImpact": "PARTIAL",
        "availabilityImpact": "NONE",
        "baseScore": 2.1
      },
      "severity": "LOW",
      "exploitabilityScore": 3.9,
      "impactScore": 2.9,
      "obtainAllPrivilege": false,
      "obtainUserPrivilege": false,
      "obtainOtherPrivilege": false,
      "userInteractionRequired": false
    }
  },
  "publishedDate": "2017-06-19T16:29Z",
  "lastModifiedDate": "2017-11-04T01:29Z"
}

As you can see, it provides a lot of information that may be useful for your project (including CVSS V2). Both projects are still active and being updated. Hope this helps.
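An added example, not part of the original answer or of either project: it normalises the two JSON layouts shown above into one record, returns None instead of raising when a record lacks a vector (the gap the question ran into), prefers the CVSS v2 base vector and falls back to v3, and validates a v2 vector string before it is consumed. The embedded documents are trimmed copies of the page's own output for CVE-2017-1000369 so it runs offline.

```python
import json

# Trimmed copies of the two responses shown above for CVE-2017-1000369, embedded
# (constructed from the page's own output) so the example runs offline.
REDHAT_DOC = json.loads('''{"name": "CVE-2017-1000369", "threat_severity": "Low",
  "bugzilla": {"description": "\\nCVE-2017-1000369 Exim: Privilege escalation via multiple memory leaks\\n  "},
  "cvss3": {"cvss3_base_score": "2.9",
            "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}}''')
NVD_DOC = json.loads('''{"cve": {"CVE_data_meta": {"ID": "CVE-2017-1000369"},
   "description": {"description_data": [{"lang": "en", "value":
     "Exim supports the use of multiple \\"-p\\" command line arguments which are malloc()'ed and never free()'ed."}]}},
  "impact": {"baseMetricV3": {"cvssV3": {"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}},
             "baseMetricV2": {"cvssV2": {"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "baseScore": 2.1}}}}''')

CVSS2_METRICS = ("AV", "AC", "Au", "C", "I", "A")

def parse_cvss2_vector(vector: str) -> dict:
    """Split AV:L/AC:L/Au:N/C:N/I:P/A:N into its six metrics, rejecting malformed or incomplete input."""
    metrics = {}
    for part in vector.split("/"):
        key, sep, value = part.partition(":")
        if not sep or key not in CVSS2_METRICS or not value:
            raise ValueError(f"malformed CVSS v2 component: {part!r}")
        metrics[key] = value
    missing = [m for m in CVSS2_METRICS if m not in metrics]
    if missing:
        raise ValueError(f"CVSS v2 vector lacks metrics: {missing}")
    return metrics

def from_nvd(doc: dict) -> dict:
    """Normalise the nvdcve layout; a vector is None when the record lacks it
    (the gap the question ran into), never a KeyError."""
    impact = doc.get("impact", {})
    descs = doc["cve"]["description"]["description_data"]
    return {"id": doc["cve"]["CVE_data_meta"]["ID"],
            "summary": next((d["value"] for d in descs if d.get("lang") == "en"), None),
            "cvss2": impact.get("baseMetricV2", {}).get("cvssV2", {}).get("vectorString"),
            "cvss3": impact.get("baseMetricV3", {}).get("cvssV3", {}).get("vectorString")}

def from_redhat(doc: dict) -> dict:
    """Same shape from the Red Hat layout, which carries no CVSS v2 vector at all."""
    return {"id": doc["name"],
            "summary": doc.get("bugzilla", {}).get("description", "").strip() or None,
            "cvss2": None,
            "cvss3": doc.get("cvss3", {}).get("cvss3_scoring_vector")}

def base_vector(nvd, redhat):
    """Prefer the v2 base vector (what the question needs); fall back to a v3 vector."""
    return nvd["cvss2"] or nvd["cvss3"] or redhat["cvss3"]
```

Feeding the live responses from the two URLs above into from_nvd and from_redhat works the same way, since only the nested keys shown in the answer are read.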