NAME

Security::CVSS - Calculate CVSS values (Common Vulnerability Scoring System)

SYNOPSIS

  use Security::CVSS;

  my $CVSS = new Security::CVSS;

  $CVSS->AccessVector('Local');
  $CVSS->AccessComplexity('High');
  $CVSS->Authentication('Not-Required');
  $CVSS->ConfidentialityImpact('Complete');
  $CVSS->IntegrityImpact('Complete');
  $CVSS->AvailabilityImpact('Complete');
  $CVSS->ImpactBias('Normal');

  my $BaseScore = $CVSS->BaseScore();

  $CVSS->Exploitability('Proof-Of-Concept');
  $CVSS->RemediationLevel('Official-Fix');
  $CVSS->ReportConfidence('Confirmed');

  my $TemporalScore = $CVSS->TemporalScore()

  $CVSS->CollateralDamagePotential('None');
  $CVSS->TargetDistribution('None');

  my $EnvironmentalScore = $CVSS->EnvironmentalScore();

  my $CVSS = new CVSS({AccessVector => 'Local',
                       AccessComplexity => 'High',
                       Authentication => 'Not-Required',
                       ConfidentialityImpact => 'Complete',
                       IntegrityImpact => 'Complete',
                       AvailabilityImpact => 'Complete',
                       ImpactBias => 'Normal'
                    });

  my $BaseScore = $CVSS->BaseScore();

  $CVSS->UpdateFromHash({AccessVector => 'Remote',
                         AccessComplexity => 'Low');

  my $NewBaseScore = $CVSS->BaseScore();

  $CVSS->Vector('(AV:L/AC:H/Au:NR/C:N/I:P/A:C/B:C)');
  my $BaseScore = $CVSS->BaseScore();
  my $Vector = $CVSS->Vector();

DESCRIPTION

CVSS allows you to calculate all three types of score described under the CVSS system: Base, Temporal and Environmental.

You can modify any parameter via its accessor and recalculate at any time.

The temporal score depends on the base score, and the environmental score depends on the temporal score. Therefore you must remember to supply all necessary parameters.

Vector allows you to parse a CVSS vector as described at: http://nvd.nist.gov/cvss.cfm?vectorinfo

Called without any parameters it will return the CVSS vector as a string.

POSSIBLE VALUES

For meaning of these values see the official CVSS FAQ at https://www.first.org/cvss/faq/#c7

Base Score

  AccessVector            Local, Remote
  AccessComplexity        Low, High
  Authentication          Required, Not-Required
  ConfidentialityImpact   None, Partial, Complete
  IntegrityImpact         None, Partial, Complete
  AvailabilityImpact      None, Partial, Complete

Temporal Score

  Exploitability          Unproven, Proof-of-Concept, Functional, High
  RemediationLevel        Official-Fix, Temporary-Fix, Workaround,
                          Unavailable
  ReportConfidence        Unconfirmed, Uncorroborated, Confirmed

Environmental Score

  CollateralDamagePotential  None, Low, Medium, High
  TargetDistribution         None, Low, Medium, High

AUTHOR

Periscan LLC, <cpan@periscan.com>

COPYRIGHT AND LICENSE

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

To install Security::CVSS, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Security::CVSS

CPAN shell

perl -MCPAN -e shell
install Security::CVSS

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)