-
Notifications
You must be signed in to change notification settings - Fork 0
/
cveinfo.py
75 lines (66 loc) · 2.06 KB
/
cveinfo.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#!/usr/bin/python3
# CVEINFO
# A script to get quick info on CVEs from the command line
# Written by: Cody Skinner
# @TheCodySkinner
import argparse
import json
import requests
#Get command line arguments
parser = argparse.ArgumentParser()
parser.add_argument("CVE", help="CVE code (ex. 2020-1234)")
parser.add_argument("-e", "--cwe", help="Attempt to pull data on related CWE", action="store_true")
args = parser.parse_args()
#Set vars
cve = args.CVE
url = 'https://cve.circl.lu/api/cve/CVE-' + cve
response = requests.get(url)
data = response.json()
#Check for result
if data is None:
print("No results found for CVE. Exiting.")
exit(1)
#Get data
cvid = data['id']
modified = data['Modified']
published = data['Published']
cvss = data['cvss']
rel_cwe = data['cwe']
impact = data['impact']
references = data['references']
summary = data['summary']
vulnerable = data['vulnerable_product']
print('CVE: ' + cvid)
print('CVSS Score: ' + str(cvss))
print('Published: ' + published)
print('Modified: ' + modified)
print('CWE: ' + rel_cwe)
for (k, v) in impact.items():
print('Impact to ' + k + ': ' + v)
for (reference) in references:
print('Reference: ' + reference)
print('\n\nSummary:\n' + summary)
print('\n\nVulnerable Products:')
for product in vulnerable:
print(product)
#Get CWE
if args.cwe:
#rel_cwe.removeprefix('CWE-') Python 3.9+, wait to implement until Python 3.9 is more widely adopted
rel_cwe = rel_cwe[4:]
cweurl = 'https://cve.circl.lu/api/capec/'+rel_cwe
cweresp = requests.get(cweurl)
cwedata = cweresp.json()
print('\n\nCWE INFO:')
if cwedata is not None:
cwe_id = cwedata['id']
cwe_name = cwedata['name']
cwe_prereq = cwedata['prerequisites']
cwe_relweak = cwedata['related_weakness']
cwe_summary = cwedata['summary']
print('CWE: ' + cwe_id)
print('Name: ' + cwe_name)
print('Prerequisites: ' + cwe_prereq)
print('Related Weakness: ' + cwe_relweak)
print('\n\nSummary:\n' + cwe_summary)
else:
print('Data could not be found for this CWE')