Open SCAP Library
Loading...
Searching...
No Matches
cvss_score.h
Go to the documentation of this file.
1/*
2 * Copyright 2008-2009 Red Hat Inc., Durham, North Carolina.
3 * All Rights Reserved.
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
18 *
19 * Authors:
20 * Tomas Heinrich <theinric@redhat.com>
21 * Peter Vrabec <pvrabec@redhat.com>
22 * Brandon Dixon <Brandon.Dixon@g2-inc.com>
23 * Lukas Kuklinek <lkuklinek@redhat.com>
24 */
35#ifndef _CVSSCALC_H_
36#define _CVSSCALC_H_
37
38#include <stdbool.h>
39#include <time.h>
40#include <stdio.h>
41#include "oscap_export.h"
42
43
45OSCAP_API const char *cvss_model_supported(void);
46
48enum cvss_category {
49 CVSS_NONE = 0x0000,
50 CVSS_BASE = 0x0100,
51 CVSS_TEMPORAL = 0x0200,
52 CVSS_ENVIRONMENTAL = 0x0300,
53};
54
56enum cvss_access_vector {
57 CVSS_AV_NOT_SET,
58 CVSS_AV_LOCAL,
59 CVSS_AV_ADJACENT_NETWORK,
60 CVSS_AV_NETWORK,
61 CVSS_AV_END_
62};
63
65enum cvss_access_complexity {
66 CVSS_AC_NOT_SET,
67 CVSS_AC_HIGH,
68 CVSS_AC_MEDIUM,
69 CVSS_AC_LOW,
70 CVSS_AC_END_
71};
72
74enum cvss_authentication {
75 CVSS_AU_NOT_SET,
76 CVSS_AU_MULTIPLE,
77 CVSS_AU_SINGLE,
78 CVSS_AU_NONE,
79 CVSS_AU_END_
80};
81
83enum cvss_cia_impact {
84 CVSS_IMP_NOT_SET,
85 CVSS_IMP_NONE,
86 CVSS_IMP_PARTIAL,
87 CVSS_IMP_COMPLETE,
88 CVSS_IMP_END_
89};
90
92enum cvss_exploitability {
93 CVSS_E_NOT_DEFINED,
94 CVSS_E_UNPROVEN,
95 CVSS_E_PROOF_OF_CONCEPT,
96 CVSS_E_FUNCTIONAL,
97 CVSS_E_HIGH,
98 CVSS_E_END_
99};
100
102enum cvss_remediation_level {
103 CVSS_RL_NOT_DEFINED,
104 CVSS_RL_OFFICIAL_FIX,
105 CVSS_RL_TEMPORARY_FIX,
106 CVSS_RL_WORKAROUND,
107 CVSS_RL_UNAVAILABLE,
108 CVSS_RL_END_
109};
110
112enum cvss_report_confidence {
113 CVSS_RC_NOT_DEFINED,
114 CVSS_RC_UNCONFIRMED,
115 CVSS_RC_UNCORROBORATED,
116 CVSS_RC_CONFIRMED,
117 CVSS_RC_END_
118};
119
121enum cvss_collateral_damage_potential {
122 CVSS_CDP_NOT_DEFINED,
123 CVSS_CDP_NONE,
124 CVSS_CDP_LOW,
125 CVSS_CDP_LOW_MEDIUM,
126 CVSS_CDP_MEDIUM_HIGH,
127 CVSS_CDP_HIGH,
128 CVSS_CDP_END_
129};
130
132enum cvss_target_distribution {
133 CVSS_TD_NOT_DEFINED,
134 CVSS_TD_NONE,
135 CVSS_TD_LOW,
136 CVSS_TD_MEDIUM,
137 CVSS_TD_HIGH,
138 CVSS_TD_END_
139};
140
142enum cvss_cia_requirement {
143 CVSS_REQ_NOT_DEFINED,
144 CVSS_REQ_LOW,
145 CVSS_REQ_MEDIUM,
146 CVSS_REQ_HIGH,
147 CVSS_REQ_END_
148};
149
156struct cvss_impact;
157
164struct cvss_metrics;
165
167OSCAP_API float cvss_round(float x);
168
170OSCAP_API struct cvss_impact *cvss_impact_new(void);
172OSCAP_API struct cvss_impact *cvss_impact_new_from_vector(const char *cvss_vector);
174OSCAP_API struct cvss_impact *cvss_impact_clone(const struct cvss_impact* impact);
176//struct cvss_impact *cvss_impact_new_parse(const char *filename);
178OSCAP_API void cvss_impact_free(struct cvss_impact* impact);
185OSCAP_API void cvss_impact_describe(const struct cvss_impact *impact, FILE *f);
186
188OSCAP_API struct cvss_metrics *cvss_impact_get_base_metrics(const struct cvss_impact* impact);
190OSCAP_API struct cvss_metrics *cvss_impact_get_temporal_metrics(const struct cvss_impact* impact);
192OSCAP_API struct cvss_metrics *cvss_impact_get_environmental_metrics(const struct cvss_impact* impact);
195OSCAP_API bool cvss_impact_set_metrics(struct cvss_impact* impact, struct cvss_metrics *metrics);
197OSCAP_API char *cvss_impact_to_vector(const struct cvss_impact* impact);
198
220OSCAP_API float cvss_impact_base_exploitability_subscore(const struct cvss_impact* impact);
221
230OSCAP_API float cvss_impact_base_impact_subscore(const struct cvss_impact* impact);
231
244OSCAP_API float cvss_impact_base_score(const struct cvss_impact* impact);
245
259OSCAP_API float cvss_impact_temporal_multiplier(const struct cvss_impact* impact);
260
270OSCAP_API float cvss_impact_temporal_score(const struct cvss_impact* impact);
271
280OSCAP_API float cvss_impact_base_adjusted_impact_subscore(const struct cvss_impact* impact);
281
289OSCAP_API float cvss_impact_adjusted_base_score(const struct cvss_impact* impact);
290
298OSCAP_API float cvss_impact_adjusted_temporal_score(const struct cvss_impact* impact);
299
311OSCAP_API float cvss_impact_environmental_score(const struct cvss_impact* impact);
312
316OSCAP_API struct cvss_metrics *cvss_metrics_new(enum cvss_category category);
318OSCAP_API struct cvss_metrics *cvss_metrics_clone(const struct cvss_metrics* metrics);
320OSCAP_API void cvss_metrics_free(struct cvss_metrics* metrics);
322OSCAP_API enum cvss_category cvss_metrics_get_category(const struct cvss_metrics* metrics);
324OSCAP_API const char *cvss_metrics_get_source(const struct cvss_metrics* metrics);
326OSCAP_API bool cvss_metrics_set_source(struct cvss_metrics* metrics, const char *new_source);
328OSCAP_API const char *cvss_metrics_get_generated_on_datetime(const struct cvss_metrics* metrics);
330OSCAP_API bool cvss_metrics_set_generated_on_datetime(struct cvss_metrics* metrics, const char *new_datetime);
332OSCAP_API const char *cvss_metrics_get_upgraded_from_version(const struct cvss_metrics* metrics);
334OSCAP_API bool cvss_metrics_set_upgraded_from_version(struct cvss_metrics* metrics, const char *new_upgraded_from_version);
336OSCAP_API float cvss_metrics_get_score(const struct cvss_metrics* metrics);
338OSCAP_API bool cvss_metrics_set_score(struct cvss_metrics* metrics, float score);
343OSCAP_API bool cvss_metrics_is_valid(const struct cvss_metrics* metrics);
344
356OSCAP_API enum cvss_access_vector cvss_metrics_get_access_vector(const struct cvss_metrics* metrics);
358OSCAP_API enum cvss_access_complexity cvss_metrics_get_access_complexity(const struct cvss_metrics* metrics);
360OSCAP_API enum cvss_authentication cvss_metrics_get_authentication(const struct cvss_metrics* metrics);
362OSCAP_API enum cvss_cia_impact cvss_metrics_get_confidentiality_impact(const struct cvss_metrics* metrics);
364OSCAP_API enum cvss_cia_impact cvss_metrics_get_integrity_impact(const struct cvss_metrics* metrics);
366OSCAP_API enum cvss_cia_impact cvss_metrics_get_availability_impact(const struct cvss_metrics* metrics);
368OSCAP_API enum cvss_exploitability cvss_metrics_get_exploitability(const struct cvss_metrics* metrics);
370OSCAP_API enum cvss_remediation_level cvss_metrics_get_remediation_level(const struct cvss_metrics* metrics);
372OSCAP_API enum cvss_report_confidence cvss_metrics_get_report_confidence(const struct cvss_metrics* metrics);
374OSCAP_API enum cvss_collateral_damage_potential cvss_metrics_get_collateral_damage_potential(const struct cvss_metrics* metrics);
376OSCAP_API enum cvss_target_distribution cvss_metrics_get_target_distribution(const struct cvss_metrics* metrics);
378OSCAP_API enum cvss_cia_requirement cvss_metrics_get_confidentiality_requirement(const struct cvss_metrics* metrics);
380OSCAP_API enum cvss_cia_requirement cvss_metrics_get_integrity_requirement(const struct cvss_metrics* metrics);
382OSCAP_API enum cvss_cia_requirement cvss_metrics_get_availability_requirement(const struct cvss_metrics* metrics);
383
385OSCAP_API bool cvss_metrics_set_access_vector(struct cvss_metrics* metrics, enum cvss_access_vector);
387OSCAP_API bool cvss_metrics_set_access_complexity(struct cvss_metrics* metrics, enum cvss_access_complexity);
389OSCAP_API bool cvss_metrics_set_authentication(struct cvss_metrics* metrics, enum cvss_authentication);
391OSCAP_API bool cvss_metrics_set_confidentiality_impact(struct cvss_metrics* metrics, enum cvss_cia_impact);
393OSCAP_API bool cvss_metrics_set_integrity_impact(struct cvss_metrics* metrics, enum cvss_cia_impact);
395OSCAP_API bool cvss_metrics_set_availability_impact(struct cvss_metrics* metrics, enum cvss_cia_impact);
397OSCAP_API bool cvss_metrics_set_exploitability(struct cvss_metrics* metrics, enum cvss_exploitability);
399OSCAP_API bool cvss_metrics_set_remediation_level(struct cvss_metrics* metrics, enum cvss_remediation_level);
401OSCAP_API bool cvss_metrics_set_report_confidence(struct cvss_metrics* metrics, enum cvss_report_confidence);
403OSCAP_API bool cvss_metrics_set_collateral_damage_potential(struct cvss_metrics* metrics, enum cvss_collateral_damage_potential);
405OSCAP_API bool cvss_metrics_set_target_distribution(struct cvss_metrics* metrics, enum cvss_target_distribution);
407OSCAP_API bool cvss_metrics_set_confidentiality_requirement(struct cvss_metrics* metrics, enum cvss_cia_requirement);
409OSCAP_API bool cvss_metrics_set_integrity_requirement(struct cvss_metrics* metrics, enum cvss_cia_requirement);
411OSCAP_API bool cvss_metrics_set_availability_requirement(struct cvss_metrics* metrics, enum cvss_cia_requirement);
412
413
417#endif // _CVSSCALC_H_
cvss_exploitability
cvss_exploitability
CVSS Exploitability.
Definition: cvss_score.h:92
cvss_remediation_level
cvss_remediation_level
CVSS Remediation Level.
Definition: cvss_score.h:102
cvss_model_supported
OSCAP_API const char * cvss_model_supported(void)
Get supported version of CVSS XML.
Definition: cvss.c:69
cvss_cia_requirement
cvss_cia_requirement
CVSS Confidentiality/Integrity/Availibility requirement.
Definition: cvss_score.h:142
cvss_report_confidence
cvss_report_confidence
CVSS Report Confidence.
Definition: cvss_score.h:112
cvss_metrics::cvss_metrics_is_valid
OSCAP_API bool cvss_metrics_is_valid(const struct cvss_metrics *metrics)
Validate CVSS metrics completeness.
Definition: cvss.c:326
cvss_collateral_damage_potential
cvss_collateral_damage_potential
CVSS Collateral Damage Potential.
Definition: cvss_score.h:121
cvss_cia_impact
cvss_cia_impact
CVSS Confidentiality/Integrity/Availibility impact.
Definition: cvss_score.h:83
cvss_access_vector
cvss_access_vector
CVSS access vector.
Definition: cvss_score.h:56
cvss_impact::cvss_impact_describe
OSCAP_API void cvss_impact_describe(const struct cvss_impact *impact, FILE *f)
Write out a human-readable textual description of CVSS impact contents.
Definition: cvss.c:497
cvss_access_complexity
cvss_access_complexity
CVSS access complexity.
Definition: cvss_score.h:65
cvss_target_distribution
cvss_target_distribution
CVSS Target Distribution.
Definition: cvss_score.h:132
cvss_authentication
cvss_authentication
CVSS Authentication.
Definition: cvss_score.h:74
cvss_round
OSCAP_API float cvss_round(float x)
Round x to one decimal place as described in CVSS standard.
Definition: cvss.c:406
cvss_category
cvss_category
CVSS score category.
Definition: cvss_score.h:48
cvss_impact
CVSS impact.
Definition: cvss_priv.h:80
cvss_metrics
CVSS metrics.
Definition: cvss_priv.h:86
Generated by doxygen 1.9.5