@andytinkham
Last active July 22, 2025 06:32
Get CVE details and format as markdown

<% tp.user.cve_details(cve_id) %>

---
tags: [cve, _language, _package, _severity]
aliases: []
date created: Saturday, February 11th 2023, 4:44:03 pm
date modified: Wednesday, February 15th 2023, 6:53:55 pm
---

# CVE-2021-27101

## CVE Details

ID: CVE-2021-27101
KNOWN EXPLOITED VULNERABILITY
CISA Details: Accellion FTA SQL Injection Vulnerability, Added: [[2021-11-03]], Action: Apply updates per vendor instructions., Due: [[2021-11-17]]
Source Identifier: [email protected]
Published: 2021-02-16T21:15:13.077
Last Modified: 2021-02-17T19:04:26.867
Status: Analyzed

### Scores

#### CVSS 3.1 Score - Primary - [email protected]

Base Severity: CRITICAL - 9.8 (Exploitability: 3.9, Impact: 5.9)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

#### CVSS 2.0 Score - Primary - [email protected]

Base Severity: HIGH - 7.5 (Exploitability: 10, Impact: 6.4)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Insufficient info: false
Obtain all privilege: false
Obtain user privilege: false
Obtain other privilege: false
User interaction required: false

### Description

Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later.

### Evaluator Notes

None provided

### Weaknesses

| Weakness | Type | Source |
| --- | --- | --- |
| [[CWE-89]] | Primary | [email protected] |

### Vendor Comments

No vendor comments

### References

| URL | Tags | Source |
| --- | --- | --- |
| github.com | Third Party Advisory | [email protected] |
| www.accellion.com | Product, Vendor Advisory | [email protected] |

### Configurations

#### Configuration 1 (Operator: OR, Negate: false)

##### Node 1

- cpe:2.3:a:accellion:fta:*:*:*:*:*:*:*:*
  - End Version: 9_12_370 (Including)

## Affects

## Useful Links

## Official Response

## Investigations

## Affected Projects

| Repo | Detected On | Notes |
| --- | --- | --- |

## Affected Containers

| Container | Min Version | Max Version | Notes |
| --- | --- | --- | --- |

<%*
// Use the note title as the CVE ID when it already looks like one;
// otherwise prompt for it and rename the note to match.
let title = tp.file.title;
let cve_id = "";
if (title.match(/^CVE-\d{4}-\d+$/)) {
  cve_id = title;
} else {
  cve_id = await tp.system.prompt("CVE ID?");
  await tp.file.rename(cve_id);
}
-%>

tags: [cve, _language, _package, _severity]
aliases: []

<% cve_id %>

<% tp.user.cve_details(cve_id) %>

Affects

Useful Links

Official Response

Investigations

Affected Repos

Repo Detected On Notes
// Obsidian Templater user script (cve_details.js): fetch one CVE from the
// NVD CVE API 2.0 and render it as the markdown body of a note.
const cve_details = async (cveId) => {
  document.body.style.cursor = "wait";
  const language = "en";
  // As of 2023-02-15, this parses everything currently defined in the NIST schema at
  // https://csrc.nist.gov/schema/nvd/api/2.0/cve_api_json_2.0.schema
  // other than the meanings of the score vector elements (which are
  // redundant if you know CVSS, and the vector now links to the
  // calculators, so if you're not familiar, you can go there to see the
  // elements rather than cluttering up the generated notes.)
  try {
    const url = `https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=` + cveId;
    const response = await fetch(url).then(response => response.json());
    if (response.vulnerabilities[0] === undefined) {
      return "CVE not yet in NVD - No details available";
    }
    const cve = response.vulnerabilities[0].cve;
    // `metrics` is absent altogether for CVEs that NVD has not scored yet
    const metrics = cve.metrics !== undefined ? cve.metrics : {};

    // Scores: each CVSS version may carry several entries (e.g. Primary and Secondary)
    let scores = "";
    if (metrics.cvssMetricV31 !== undefined) {
      for (const score of metrics.cvssMetricV31) {
        scores += `#### CVSS ${score.cvssData.version} Score - ${score.type} - ${score.source}\n\n`;
        scores += `Base Severity: ${score.cvssData.baseSeverity} - ${score.cvssData.baseScore} (Exploitability: ${score.exploitabilityScore}, Impact: ${score.impactScore})\n`;
        scores += `Vector: [${score.cvssData.vectorString}](https://www.first.org/cvss/calculator/3.1#${score.cvssData.vectorString})\n`;
        scores += '\n';
      }
    }
    if (metrics.cvssMetricV30 !== undefined) {
      for (const score of metrics.cvssMetricV30) {
        scores += `#### CVSS ${score.cvssData.version} Score - ${score.type} - ${score.source}\n\n`;
        scores += `Base Severity: ${score.cvssData.baseSeverity} - ${score.cvssData.baseScore} (Exploitability: ${score.exploitabilityScore}, Impact: ${score.impactScore})\n`;
        scores += `Vector: [${score.cvssData.vectorString}](https://www.first.org/cvss/calculator/3.0#${score.cvssData.vectorString})\n`;
        scores += '\n';
      }
    }
    if (metrics.cvssMetricV2 !== undefined) {
      for (const score of metrics.cvssMetricV2) {
        scores += `#### CVSS ${score.cvssData.version} Score - ${score.type} - ${score.source}\n\n`;
        // In the v2 metric object baseSeverity sits beside cvssData, not inside it
        scores += `Base Severity: ${score.baseSeverity} - ${score.cvssData.baseScore} (Exploitability: ${score.exploitabilityScore}, Impact: ${score.impactScore})\n`;
        scores += `Vector: [${score.cvssData.vectorString}](https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?vector=(${score.cvssData.vectorString}))\n`;
        scores += `Insufficient info: ${score.acInsufInfo}\n`;
        scores += `Obtain all privilege: ${score.obtainAllPrivilege}\n`;
        scores += `Obtain user privilege: ${score.obtainUserPrivilege}\n`;
        scores += `Obtain other privilege: ${score.obtainOtherPrivilege}\n`;
        scores += `User interaction required: ${score.userInteractionRequired}\n`;
        scores += '\n';
      }
    }
    if (scores == "") {
      scores = "No scores defined";
    } else {
      // take off the trailing "\n\n"
      scores = scores.slice(0, -2);
    }

    // Weaknesses: one table row per CWE, rendered as an Obsidian wikilink
    let weaknesses = "No weaknesses defined";
    if ((cve.weaknesses !== undefined) && (cve.weaknesses.length > 0)) {
      weaknesses = "| Weakness | Type | Source |\n| --- | --- | --- |";
      cve.weaknesses.forEach((weakness) => {
        weaknesses += `\n| [[${weakness.description.filter(desc => desc.lang == language)[0].value}]] | ${weakness.type} | ${weakness.source} |`;
      });
    }

    // References: link text is the hostname; tags are optional in the schema
    let references = "No references defined";
    if ((cve.references !== undefined) && (cve.references.length > 0)) {
      references = "| URL | Tags | Source |\n| --- | --- | --- |";
      cve.references.forEach((reference) => {
        const url = new URL(reference.url);
        let refTags = "";
        if (reference.tags !== undefined) {
          refTags = reference.tags.join(", ");
        }
        references += `\n| [${url.hostname}](${reference.url}) | ${refTags} | ${reference.source} |`;
      });
    }

    // CISA KEV fields are only present when the CVE is on the catalog
    let knownExploited = `As of ${new Date().toLocaleDateString()}, this issue is not currently on the CISA Known Exploited Vulnerabilities List`;
    if (cve.cisaVulnerabilityName !== undefined) {
      knownExploited = '<font color="red">KNOWN EXPLOITED VULNERABILITY</font>\n';
      knownExploited += `CISA Details: ${cve.cisaVulnerabilityName}, Added: [[${cve.cisaExploitAdd}]], Action: ${cve.cisaRequiredAction}, Due: [[${cve.cisaActionDue}]]`;
    }

    // Configurations: each has one or more nodes, each node a list of CPE matches
    let configurations = "No configurations defined";
    if ((cve.configurations !== undefined) && (cve.configurations.length > 0)) {
      configurations = "";
      let confCount = 0;
      for (const configuration of cve.configurations) {
        confCount += 1;
        configurations += `#### Configuration ${confCount} (Operator: ${configuration.nodes[0].operator}, Negate: ${configuration.nodes[0].negate})\n\n`;
        let nodeCount = 0;
        for (const node of configuration.nodes) {
          nodeCount += 1;
          configurations += `##### Node ${nodeCount}\n\n`;
          node.cpeMatch.forEach((cpe) => {
            // escape the CPE wildcards so markdown does not read them as emphasis
            configurations += "- " + cpe.criteria.replaceAll("*", "\\*") + "\n";
            if (cpe.versionStartIncluding !== undefined) {
              configurations += `  - Start Version: ${cpe.versionStartIncluding} (Including)\n`;
            }
            if (cpe.versionStartExcluding !== undefined) {
              configurations += `  - Start Version: ${cpe.versionStartExcluding} (Excluding)\n`;
            }
            if (cpe.versionEndIncluding !== undefined) {
              configurations += `  - End Version: ${cpe.versionEndIncluding} (Including)\n`;
            }
            if (cpe.versionEndExcluding !== undefined) {
              configurations += `  - End Version: ${cpe.versionEndExcluding} (Excluding)\n`;
            }
          });
          configurations += "\n";
        }
      }
    }
    if (configurations != "No configurations defined") {
      // take off the last 2 newlines
      configurations = configurations.slice(0, -2);
    }

    // Vendor comments as a numbered list
    let vendorComments = "No vendor comments\n";
    if ((cve.vendorComments !== undefined) && (cve.vendorComments.length > 0)) {
      vendorComments = "";
      let commentCount = 0;
      for (const comment of cve.vendorComments) {
        commentCount += 1;
        vendorComments += `${commentCount}. ${comment.comment} (by ${comment.organization}, last modified: ${comment.lastModified})\n`;
      }
    }

    // Evaluator notes: any of comment, solution and impact may be present
    let evaluatorDetails = "";
    if (cve.evaluatorComment !== undefined) {
      evaluatorDetails += "#### Evaluator Comment\n\n" + cve.evaluatorComment + "\n\n";
    }
    if (cve.evaluatorSolution !== undefined) {
      evaluatorDetails += "#### Evaluator Solution\n\n" + cve.evaluatorSolution + "\n\n";
    }
    if (cve.evaluatorImpact !== undefined) {
      evaluatorDetails += "#### Evaluator Impact\n\n" + cve.evaluatorImpact + "\n\n";
    }
    if (evaluatorDetails == "") {
      evaluatorDetails = "None provided";
    } else {
      evaluatorDetails = evaluatorDetails.slice(0, -2);
    }

    const newContent = `
## CVE Details
ID: ${cveId}
${knownExploited}
Source Identifier: ${cve.sourceIdentifier}
Published: ${cve.published}
Last Modified: ${cve.lastModified}
Status: ${cve.vulnStatus}
### Scores
${scores}
### Description
${cve.descriptions.filter(desc => desc.lang == language)[0].value}
### Evaluator Notes
${evaluatorDetails}
### Weaknesses
${weaknesses}
### Vendor Comments
${vendorComments}
### References
${references}
### Configurations
${configurations}
`;
    return newContent;
  } finally {
    // runs on both the return and the throw paths, so the cursor never stays a spinner
    document.body.style.cursor = "default";
  }
};
module.exports = cve_details;
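Three places in the script above trust input more than they need to: the CVE ID typed at the prompt is concatenated straight into the NVD query string and used as the new file name; `new URL(reference.url)` throws on a malformed reference URL from the API and aborts the whole note; and API strings are dropped into markdown table cells, where a `|` or a newline in a tag, source or URL breaks the row. The following is an added example and not the gist's own code: `normalizeCveId`, `buildNvdUrl`, `escapeCell`, `parseReference` and `renderReferences` are hypothetical helpers of mine that could sit in front of the script, and the sample references are constructed data using example domains, not real NVD records. The ID pattern is stricter than the template's (`CVE-` plus a four-digit year plus four or more digits), which is the published CVE ID syntax.

```javascript
// Added example (not part of the gist): input and output hygiene for a
// Templater script that turns NVD API data into markdown.

// Canonical CVE ID syntax: "CVE-" + 4-digit year + 4 or more digits.
const CVE_ID_RE = /^CVE-\d{4}-\d{4,}$/;

// Returns the canonical ID, or null for anything that is not a CVE ID.
// Call this before building a query or renaming a note after the prompt.
function normalizeCveId(input) {
  const id = String(input == null ? "" : input).trim().toUpperCase();
  return CVE_ID_RE.test(id) ? id : null;
}

// Build the NVD query with URLSearchParams instead of string concatenation.
function buildNvdUrl(cveId) {
  const id = normalizeCveId(cveId);
  if (id === null) throw new Error(`not a CVE ID: ${cveId}`);
  const u = new URL("https://services.nvd.nist.gov/rest/json/cves/2.0");
  u.searchParams.set("cveId", id);
  return u.toString();
}

// Escape the two things that break a markdown table row: pipes and newlines.
function escapeCell(value) {
  return String(value == null ? "" : value).replace(/\|/g, "\\|").replace(/\r?\n/g, " ");
}

// Hostname and normalised href of a reference URL, or null when the API
// string is not a valid URL (the script's bare `new URL()` would throw here).
function parseReference(url) {
  try {
    const u = new URL(url);
    return { host: u.hostname, href: u.href };
  } catch (e) {
    return null;
  }
}

// Same table the script renders, but tolerant of missing tags and bad URLs:
// an unparsable URL is shown as escaped text rather than as a link.
function renderReferences(references) {
  if (!Array.isArray(references) || references.length === 0) return "No references defined";
  const rows = ["| URL | Tags | Source |", "| --- | --- | --- |"];
  for (const ref of references) {
    const parsed = parseReference(ref.url);
    const link = parsed === null
      ? escapeCell(ref.url)
      : `[${escapeCell(parsed.host)}](${escapeCell(parsed.href)})`;
    const tags = Array.isArray(ref.tags) ? ref.tags.map(escapeCell).join(", ") : "";
    rows.push(`| ${link} | ${tags} | ${escapeCell(ref.source)} |`);
  }
  return rows.join("\n");
}

// Constructed sample references (not real NVD data): one normal entry, one
// without tags, one whose URL is malformed and whose tag contains a pipe.
const SAMPLE_REFERENCES = [
  { url: "https://vendor.example.com/advisory", tags: ["Product", "Vendor Advisory"], source: "source@example.invalid" },
  { url: "https://tracker.example.org/issue/1", source: "source@example.invalid" },
  { url: "not a url | see notes", tags: ["Third Party | Advisory"], source: "source@example.invalid" },
];

console.log(buildNvdUrl(" cve-2021-27101 "));
console.log(renderReferences(SAMPLE_REFERENCES));
```

In the template, `normalizeCveId` would wrap the value returned by `tp.system.prompt` so that an invalid answer is rejected before `tp.file.rename` runs, and `renderReferences` would replace the `forEach` over `cve.references`; the rest of the script is unchanged.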
@andytinkham (Author)

Added CVE-2021-27101.md as an example of a page generated by the template.

@andytinkham (Author)

Updated cve_details.js to handle the case where a reference has no tags.

@andytinkham (Author)

Added support for multiple (and no) scores. More error handling when fields are missing. Added try / finally block so it shouldn't leave the cursor in a spinner state when it fails now.

@andytinkham (Author)

Added in the rest of the elements defined in the NVD CVE schema: https://csrc.nist.gov/schema/nvd/api/2.0/cve_api_json_2.0.schema - everything other than the vector element breakdowns is saved to the markdown output now.

  • Multiple nodes are now supported.
  • The date stamp for not being on the CISA Known Exploited List should match the local computer's date now.
  • Evaluator details (comments, solution, and/or impact) and Vendor comments are now supported.

Barring bugs or a change to the NVD JSON schema, this is probably feature complete now.
