Skip to content

Instantly share code, notes, and snippets.

@righettod
Last active March 24, 2019 09:39
Show Gist options
  • Save righettod/b12a262ab366c0f65fb0a3152c115ebd to your computer and use it in GitHub Desktop.
Save righettod/b12a262ab366c0f65fb0a3152c115ebd to your computer and use it in GitHub Desktop.
Script to verify, for a set of CVE, if the MITRE has released them and if a link to the security advisory on the CVE owner site has been added (python 3).
#!/usr/bin/python
# -*- coding: utf-8 -*-
"""
Script to verify, for a set of CVE, if the MITRE has released them
and if a link to the security advisory on the CVE owner site has been added.
Dependencies: pip install requests
"""
import requests
import collections
import argparse
import json
# Define constants
MITRE_URL_TPL = "https://cve.mitre.org/cgi-bin/cvename.cgi?name=%s"
SECURITY_ADVISORY_BASE_URL = "https://www.excellium-services.com/cert-xlm-advisory"
# Define parser for command line arguments
parser = argparse.ArgumentParser(description="Script to verify, for a set of CVE, if the MITRE has released them and if a link to the security advisory on the CVE owner site has been added.", epilog="call example: check_cve_state.py -o test.json -c CVE-2016-1161 CVE-2018-15631")
parser.add_argument('-c', action="store", dest="cve_list", help="List of CVE ID separated by a space.", required=True, nargs='+')
parser.add_argument('-o', action="store", dest="output_file", help="Save verification in a JSON file.", default="state.json", required=False)
args = parser.parse_args()
# Process the list of CVE
cve_count = len(args.cve_list)
result = []
print("[+] Process the %s CVE(s)..." % cve_count)
security_advisory_link_upper = SECURITY_ADVISORY_BASE_URL.upper()
for cve_id in args.cve_list:
print(" Get info for '%s'..." % cve_id)
response = requests.get(MITRE_URL_TPL % cve_id)
if response.status_code != 200:
print(" [!] Request to MITRE for CVE ID '%s' return an HTTP code %s !" % (cve_id, response.status_code))
else:
http_body_upper = response.text.upper()
cve_info = collections.OrderedDict()
cve_info["ID"] = cve_id
cve_info["IsReleased"] = ">RESERVED</A>" not in http_body_upper
cve_info["ContainAdvisoryLink"] = security_advisory_link_upper in http_body_upper
result.append(cve_info)
print("[+] Information gathered, saving them to file '%s'..." % args.output_file)
result_json_formatted = json.dumps(result, indent=4)
with open(args.output_file, "w") as dest_file:
dest_file.write(result_json_formatted)
print("[+] File saved, copy of data printed below:")
print(result_json_formatted)
@righettod
Copy link
Author

righettod commented Mar 24, 2019

Execution examples (python 3):

$ python check_cve_state.py -h
usage: check_cve_state.py [-h] -c CVE_LIST [CVE_LIST ...] [-o OUTPUT_FILE]

Script to verify, for a set of CVE, if the MITRE has released them and if a
link to the security advisory on the CVE owner site has been added.

optional arguments:
  -h, --help            show this help message and exit
  -c CVE_LIST [CVE_LIST ...]
                        List of CVE ID separated by a space.
  -o OUTPUT_FILE        Save verification in a JSON file.

call example: check_cve_state.py -o test.json -c CVE-2016-1161 CVE-2018-15631
$ python check_cve_state.py -o test.json -c CVE-2016-1161 CVE-2018-15631 CVE-2018-20664

[+] Process the 3 CVE(s)...
  Get info for 'CVE-2016-1161'...
  Get info for 'CVE-2018-15631'...
  Get info for 'CVE-2018-20664'...
[+] Information gathered, saving them to file 'test.json'...
[+] File saved, copy of data printed below:
[
    {
        "ID": "CVE-2016-1161",
        "IsReleased": true,
        "ContainAdvisoryLink": true
    },
    {
        "ID": "CVE-2018-15631",
        "IsReleased": false,
        "ContainAdvisoryLink": false
    },
    {
        "ID": "CVE-2018-20664",
        "IsReleased": true,
        "ContainAdvisoryLink": false
    }
]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment