-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathGatherCVEInfoV2.ps1
More file actions
96 lines (78 loc) · 3.52 KB
/
GatherCVEInfoV2.ps1
File metadata and controls
96 lines (78 loc) · 3.52 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
# GatherCVEInfoV2.ps1
# ---------------------------------------------
# This PS1 Script takes a list of CVEs and queries the NIST CVE API for info
# https://nvd.nist.gov/developers/vulnerabilities
# Replace $CVEString with your own list of CVEs, separated by pipes (|).
# Returns info inline and in a .csv file
# You will need to get your own API key from NIST and replace the placeholders below.
# This script was generated with ChatGPT
# ---------------------------------------------
$CVEString = "CVE-2022-31813|CVE-2017-3167|CVE-2017-7679" # Input string with pipe-separated CVEs (change as needed)
$CVEList = $CVEString -split "\|" # Split the string into an array
$TotalCVEs = $CVEList.Count
$APIKey = "CHANGE_ME!" #! Replace with your actual API key !
$Headers = @{ "apiKey" = $APIKey } # Set up headers for authentication
$Results = @()
Write-Host "This script will gather CVE Info from nist.gov using the supplied API key." -ForegroundColor Cyan
# Create a custom object for each CVE
$CVEList | ForEach-Object {
[PSCustomObject]@{ CVE = $_ }
} | Format-Table -AutoSize
Write-Host "Processing $TotalCVEs CVEs..." -ForegroundColor Cyan
pause
$Counter = 0 # Track progress
foreach ($CVE in $CVEList) {
$Counter++
Write-Host "[$Counter/$TotalCVEs] Fetching data for $CVE..." -ForegroundColor Yellow
$URL = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=$CVE"
try {
$Response = Invoke-RestMethod -Uri $URL -Method Get -Headers $Headers -ErrorAction Stop
if ($Response.vulnerabilities) {
$CVEData = $Response.vulnerabilities[0].cve
$Description = $CVEData.descriptions | Where-Object { $_.lang -eq "en" } | Select-Object -ExpandProperty value
$Severity = "Not Available"
$CVSSScore = "N/A"
# Extract severity (CVSS v3.1 preferred, fallback to v2 if missing)
if ($CVEData.metrics.cvssMetricV31) {
$Severity = $CVEData.metrics.cvssMetricV31[0].cvssData.baseSeverity
$CVSSScore = $CVEData.metrics.cvssMetricV31[0].cvssData.baseScore
}
elseif ($CVEData.metrics.cvssMetricV2) {
$Severity = $CVEData.metrics.cvssMetricV2[0].baseSeverity
$CVSSScore = $CVEData.metrics.cvssMetricV2[0].cvssData.baseScore
}
$Results += [PSCustomObject]@{
CVE = $CVE
Severity = $Severity
CVSSScore = $CVSSScore
Description = $Description
}
Write-Host " -> Severity: $Severity (CVSS Score: $CVSSScore)" -ForegroundColor Green
}
else {
$Results += [PSCustomObject]@{
CVE = $CVE
Severity = "Not Found"
CVSSScore = "N/A"
Description = "No data available"
}
Write-Host " -> No data found for $CVE" -ForegroundColor Red
}
}
catch {
Write-Host " -> Error retrieving $CVE - $($_.Exception.Message)" -ForegroundColor Red
$Results += [PSCustomObject]@{
CVE = $CVE
Severity = "Error"
CVSSScore = "N/A"
Description = "API request failed"
}
}
Start-Sleep -Milliseconds 1000 # Delay to avoid rate-limiting
}
# Export to CSV
$Results | Export-Csv -Path "CVE_Report.csv" -NoTypeInformation -Encoding UTF8
# Display results in a table
$Results | Format-Table -AutoSize
Write-Host "`nCVE report saved as 'CVE_Report.csv'" -ForegroundColor Cyan
pause