PHP Vulnerabilities::get_severity_by_risk Exemples

Exemple #1

Fichier : dt_vulnerabilities.php Projet : jackpf/ossim-arc

        // Property filter
        $filters = array('limit' => "{$from}, {$maxrows}", 'order_by' => "{$order} {$torder}");
        if ($search_str != '') {
            $search_str = escape_sql($search_str, $conn);
            $filters['where'] = 'p.name LIKE "%' . $search_str . '%"';
        }
        list($vulns, $total) = $asset_object->get_vulnerabilities($conn, '', $filters);
    } else {
        Av_exception::throw_error(Av_exception::USER_ERROR, _('Error retrieving information'));
    }
} catch (Exception $e) {
    $db->close();
    Util::response_bad_request($e->getMessage());
}
// DATA
$data = array();
foreach ($vulns as $_asset_id => $asset_vulns) {
    $_host_aux = Asset_host::get_object($conn, $_asset_id);
    foreach ($asset_vulns as $vuln) {
        $_host = $class_name == 'asset_host' ? $vuln['ip'] : $_host_aux->get_name() . " (" . $_host_aux->get_ips()->get_ips('string') . ")";
        $data[] = array(date("Y-m-d H:i:s", strtotime($vuln['date'])), $_host, $vuln['plugin'], $vuln['plugin_id'], $vuln['service'], Vulnerabilities::get_severity_by_risk($vuln['risk']));
    }
}
$response['sEcho'] = $sec;
$response['iTotalRecords'] = $total;
$response['iTotalDisplayRecords'] = $total;
$response['aaData'] = $data;
echo json_encode($response);
$db->close();
/* End of file dt_vulnerabilities.php */
/* Location: /av_asset/common/providers/dt_vulnerabilities.php */

Exemple #2

Fichier : get_status_vulnerabilities.php Projet : jackpf/ossim-arc

     if (!array_key_exists($asset_type, $asset_types)) {
         Av_exception::throw_error(Av_exception::USER_ERROR, _('Error! Invalid Asset Type'));
     }
     $class_name = $asset_types[$asset_type];
     // Check Asset Permission
     if (method_exists($class_name, 'is_allowed') && !$class_name::is_allowed($conn, $asset_id)) {
         $error = sprintf(_('Error! %s is not allowed'), ucwords($asset_type));
         Av_exception::throw_error(Av_exception::USER_ERROR, $error);
     }
     $asset_object = $class_name::get_object($conn, $asset_id);
     $vulns_data = $asset_object->get_vulnerabilities($conn);
     $vuln_count = $vulns_data[1];
     $severities = array();
     foreach ($vulns_data[0] as $vuln_asset_id => $asset_vulns) {
         foreach ($asset_vulns as $vuln) {
             $_severity = Vulnerabilities::get_severity_by_risk($vuln['risk']);
             $severities[$_severity]++;
         }
     }
     if ($severities[_('High')] > 0 || $severities[_('Serious')] > 0) {
         $vuln_level = 3;
     } elseif ($severities[_('Medium')] > 0 || $severities[_('Low')] > 0) {
         $vuln_level = 2;
     } elseif ($severities[_('Info')] > 0) {
         $vuln_level = 1;
     } else {
         $vuln_level = 0;
     }
 } else {
     Av_exception::throw_error(Av_exception::USER_ERROR, _('Error retrieving information'));
 }