Report templatesFunctions
parseCvssVector
Parse CVSS v3.1 vector string into human-readable components
Usage
The parseCvssVector function parses a CVSS v3.1 vector string and returns either all components or a specific metric value in human-readable format.
Syntax
{cvssVector | parseCvssVector:property}Parameters
input(string): CVSS v3.1 vector string (e.g., "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H")property(string, optional): Specific metric to retrieve (e.g., "AV", "AC", "PR", etc.)
Returns
- If
propertyspecified: String value of that metric - If no
property: Array of strings in format "Metric: Value" - Error if invalid CVSS vector format
CVSS Metrics
| Metric | Code | Possible Values |
|---|---|---|
| Attack Vector | AV | Network (N), Adjacent (A), Local (L), Physical (P) |
| Attack Complexity | AC | Low (L), High (H) |
| Privileges Required | PR | None (N), Low (L), High (H) |
| User Interaction | UI | None (N), Required (R) |
| Scope | S | Unchanged (U), Changed (C) |
| Confidentiality | C | High (H), Low (L), None (N) |
| Integrity | I | High (H), Low (L), None (N) |
| Availability | A | High (H), Low (L), None (N) |
Examples
Get specific metric
{"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" | parseCvssVector:"AV"}
// Returns: "Network"Get all components
{"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N" | parseCvssVector}
// Returns: ["AV: Local", "AC: High", "PR: Low", "UI: Required", "S: Changed", "C: Low", "I: Low", "A: None"]Attack complexity
{vulnerability.cvss_vector | parseCvssVector:"AC"}
// Returns: "Low" or "High"Invalid property
{"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" | parseCvssVector:"XY"}
// Returns: "Property XY not found"Use Cases
- Displaying CVSS metrics in human-readable format
- Creating detailed vulnerability descriptions
- Building attack vector summaries
- Filtering vulnerabilities by specific CVSS components
- Compliance reporting requiring CVSS breakdown