Thanks for your kind replies. Once I got home and put the kidlet to bed
and my life became nice and quiet and calm, I actually had no trouble
getting 2cvs to work:
2csv entry vuln:cve-id vuln:cvss/cvss:base_metrics/cvss:score
vuln:summary < nvdcve-2.0-2015.flat > nvdcve-2.0-2015.csv
Thanks for the pointers to cvskit though and the PowerShell script! =)
On Mon, Aug 17, 2015 at 7:47 PM, Rickard, Josh A. <[email protected]>
wrote:
> If you’re interested in using PowerShell you could do the following:
>
>
>
> $vulninfo = Invoke-WebRequest -Uri "
> http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-recent.xml";
>
>
>
> $entry = $vulninfo.nvd.entry
>
>
>
> $temphostobject = @()
>
> $vulnhostobject = @()
>
>
>
> #loop through each entry node
>
> ForEach($cves in $entry){
>
>
>
> IF($cves.cvss.'base_metrics'.score -gt 7){
>
> $objectproperties = @{cve=$($cves.'cve-id');
>
> cvss=$($cves.cvss.'base_metrics'.score);
>
> summary=$($cves.summary)
>
> }
>
>
>
> $temphostobject = New-Object PSObject -Property $objectproperties
>
> $vulnhostobject += $temphostobject
>
> }
>
> }
>
>
>
> $vulnhostobject | ft
>
>
>
>
>
> I could add some features and make it an advanced function, but this
> should give you an object that you can return and add to another function
> or do other fun stuff with.
>
>
>
> Let me know if you need any other help.
>
>
>
> Thanks,
>
>
>
> *Josh Rickard*
>
> Security Analyst
>
> Information Security and Access Management
>
> Division of Information Technology
>
> University of Missouri
>
> (573) 884-6280 | [email protected]
>
> ACA | GCWN | GCFA
>
>
>
> *From:* [email protected] [mailto:[email protected]]
> *On Behalf Of *Aleksey Tsalolikhin
> *Sent:* Monday, August 17, 2015 8:57 PM
> *To:* [email protected]
> *Subject:* [lopsa-tech] getting a list of critical vulnerabilities from
> the NVD at NIST
>
>
>
> Hello,
>
>
>
> I want to get a list of Critical (CVSS > 7) CVE's for a security
> vulnerability assessment for a client.
>
>
>
> Scored CVEs are available from https://nvd.nist.gov/download.cfm through
> a set of XML feeds. The nice NIST web site says:
>
>
>
> A common way to use the feeds is to perform a one-time import of all of
> the main XML vulnerability feeds and then use the "modified" feeds to keep
> up-to-date.
>
>
>
> I thought I'd start out by figuring out how to convert the 2015 XML to
> CSV. I got halfway there:
>
>
>
> $ xml2 < nvdcve-2.0-2015.xml > nvdcve-2.0-2015.flat
>
> $ 2csv < nvdcve-2.0-2015.flat > nvdcve-2.0-2015.csv
>
> usage: 2csv record field [field ...] < in > csv
>
> $
>
>
>
> There is no documentation for 2csv that I could find... I'm now banging
> my head against it, trial and error...
>
>
>
> I might end up just grepping the data I need out of the flat file. All
> I'm looking for is CVE ID, Summary and CVSS score. Has anybody been down
> this path already?
>
>
>
> --
>
> Need CFEngine training? Email [email protected]
>
--
Need CFEngine training? Email [email protected]
_______________________________________________
Tech mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
