API script to filter and display devices with high CVSS scores

This is an older script that was written prior to the "--explode" functionality, but it can be used to find all devices with vulnerable software that has a CVSS score between two values. The script then displays the device name, along with each CVE.

The script is located here: https://github.com/Axonius/axonius_api_client/blob/master/examples/cvss_filtering.py

Below is an example of the output. 

********************************************************************************
internal_axon_id: 7f22fc58f9f46751c6478a473d5e5ba0
--------------------------------------------------------------------------------
cve_id: CVE-2016-4658
cve_severity: CRITICAL
cvss: 9.8
software_name: Multiple Software
software_vendor: Multiple Vendors
--------------------------------------------------------------------------------
cve_id: CVE-2017-10685
cve_severity: CRITICAL
cvss: 9.8
software_name: ncurses
software_vendor: gnu
--------------------------------------------------------------------------------
cve_id: CVE-2017-10684
cve_severity: CRITICAL
cvss: 9.8
software_name: ncurses
software_vendor: gnu
--------------------------------------------------------------------------------
cve_id: CVE-2018-16402
cve_severity: CRITICAL
cvss: 9.8
software_name: elfutils
software_vendor: elfutils_project

1

Comments

0 comments

Please sign in to leave a comment.

Didn't find what you were looking for?

New post