OpenVAS XML Report severity score by application

pdrafs · December 8, 2023, 11:09am

Hello everyone.
Once I have the xml report of a scan, I need to associate the severity score by host, port and application.
I know that in the xml report we have the severity per host and per port.
But I cannot find a way to map severity score per each application cpe:/a

Can you help me. Is there a way ?

rippledj · December 8, 2023, 7:26pm

I guess the solution may be kinda roundabout. Is there an applications branch section from the report XML? Then you may be able to use python-gvm to get the listed CVE’s for a particular CPE you extrract from the report XML. Then get the CVEs from the report, and check if each CVE in the report is listed in each CPE.

So, in the process:

Extract CPEs from the Applications section of the report.
Get all the CVE lists for each CPE from python-gvm
Get the CVEs list from the report XML
Cross reverence each CVE to see it its in one of the CPE lists.

But! Not every vulnerability in the report will have a CVE. Some configuration errors for example don’t have CVEs. Not every CVE will have a CPE for the same reason.