Class: CvssSuite::Cvss2Base

Inherits:

CvssMetric

• Object
• CvssMetric
• CvssSuite::Cvss2Base

Defined in:

lib/cvss_suite/cvss2/cvss2_base.rb

Overview

This class represents a CVSS Base metric in version 2.

Instance Attribute Summary

• #access_complexity ⇒ Object readonly

  Property of this metric.

• #access_vector ⇒ Object readonly

  Property of this metric.

• #authentication ⇒ Object readonly

  Property of this metric.

• #availability_impact ⇒ Object readonly

  Property of this metric.

• #confidentiality_impact ⇒ Object readonly

  Property of this metric.

• #integrity_impact ⇒ Object readonly

  Property of this metric.

Attributes inherited from CvssMetric

#properties

Instance Method Summary

• #score(sr_cr_score = 1, sr_ir_score = 1, sr_ar_score = 1) ⇒ Object

  Returns the base score of the CVSS vector.

Methods inherited from CvssMetric

#count, #initialize, #valid?

Constructor Details

This class inherits a constructor from CvssSuite::CvssMetric

Instance Attribute Details

#access_complexity ⇒ Object (readonly)

Property of this metric

# File 'lib/cvss_suite/cvss2/cvss2_base.rb', line 15

def access_complexity
  @access_complexity
end

#access_vector ⇒ Object (readonly)

Property of this metric

# File 'lib/cvss_suite/cvss2/cvss2_base.rb', line 15

def access_vector
  @access_vector
end

#authentication ⇒ Object (readonly)

Property of this metric

# File 'lib/cvss_suite/cvss2/cvss2_base.rb', line 15

def authentication
  @authentication
end

#availability_impact ⇒ Object (readonly)

Property of this metric

# File 'lib/cvss_suite/cvss2/cvss2_base.rb', line 15

def availability_impact
  @availability_impact
end

#confidentiality_impact ⇒ Object (readonly)

Property of this metric

# File 'lib/cvss_suite/cvss2/cvss2_base.rb', line 15

def confidentiality_impact
  @confidentiality_impact
end

#integrity_impact ⇒ Object (readonly)

Property of this metric

# File 'lib/cvss_suite/cvss2/cvss2_base.rb', line 15

def integrity_impact
  @integrity_impact
end

Instance Method Details

#score(sr_cr_score = 1, sr_ir_score = 1, sr_ar_score = 1) ⇒ Object

Returns the base score of the CVSS vector. The calculation is based on formula version 2.10 . See CVSS documentation for further information www.first.org/cvss/v2/guide#i3.2.1 .

Takes Security Requirement Impacts for calculating environmental score.

# File 'lib/cvss_suite/cvss2/cvss2_base.rb', line 23

def score(sr_cr_score = 1, sr_ir_score = 1, sr_ar_score = 1)
  impact = calc_impact(sr_cr_score, sr_ir_score, sr_ar_score)

  exploitability = calc_exploitability

  additional_impact = (impact.zero? ? 0 : 1.176)

  ((0.6 * impact) + (0.4 * exploitability) - 1.5) * additional_impact
end