It seems the argument mincvss is not working anymore
RobbeR opened this issue · 2 comments
Dear Devs,
I have used this script since last year, and it worked like a charm until now. Now it seems the mincvss argument is not working anymore. Here's my nmap call:
nmap -sV --script /path/to/vulners/vulners.nse --script-args mincvss=8 {TARGET_IP}
It gives me the following output (sample):
...
80/tcp open http Apache httpd 2.4.18
|_http-server-header: Apache/2.4.18
| vulners:
| cpe:/a:apache:http_server:2.4.18:
| EXPLOITPACK:44C5118F831D55FAF4259C41D8BDA0AB 7.2 https://vulners.com/exploitpack/EXPLOITPACK:44C5118F831D55FAF4259C41D8BDA0AB *EXPLOIT*
| 1337DAY-ID-32502 7.2 https://vulners.com/zdt/1337DAY-ID-32502 *EXPLOIT*
| EDB-ID:47689 5.8 https://vulners.com/exploitdb/EDB-ID:47689 *EXPLOIT*
...
As you can see, I got exploits with 7.2 and lower CVSS scores, but I would like to get reports of exploits over 8.0 CVSS only. It worked before, but something changed a few weeks ago.
Can you help me with what I did wrong?
Thanks,
RobbeR
Hi,
I know this issue is a little dated but I came across the same problem as well and started digging around the script to find out what might cause this. Basically, there is this if block in the vulners.nse script:
if v.is_exploit or (v.cvss and mincvss <= v.cvss) then
  setmetatable(v, cve_meta)
  output[#output+1] = v
end
The problem is in the if statement where it says "if v.is_exploit"; this effectively overrides the mincvss argument that you pass while running nmap with the vulners script. The reason is that they probably don't want you to miss any exploitable vulnerabilities, which is quite understandable. However, if you can find where vulners.nse is located on your machine (/path/to/nmap/scripts/vulners.nse for Linux/MacOS machines) and modify this if block in the following way, it should solve the issue:
if v.cvss and mincvss <= v.cvss then
  setmetatable(v, cve_meta)
  output[#output+1] = v
end
Hope this helps.
Cheers,
Burak
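The two conditions from the comment above, run side by side as an added example (stand-alone Lua, not code from vulners.nse or from the commenter). The first three rows come from the sample output in the issue; the rows named CONSTRUCTED-*, the helper names and the string-to-number conversion are assumptions made for illustration.

```lua
-- Added illustration: needs only a plain Lua interpreter, no Nmap libraries.
-- Rows 1-3 mirror the issue's sample output; CONSTRUCTED-* rows are made up.
local results = {
  { id = "EXPLOITPACK:44C5118F831D55FAF4259C41D8BDA0AB", cvss = 7.2, is_exploit = true },
  { id = "1337DAY-ID-32502", cvss = 7.2, is_exploit = true },
  { id = "EDB-ID:47689", cvss = 5.8, is_exploit = true },
  { id = "CONSTRUCTED-HIGH-NO-EXPLOIT", cvss = 9.8, is_exploit = false },
  { id = "CONSTRUCTED-LOW-NO-EXPLOIT", cvss = 4.3, is_exploit = false },
  { id = "CONSTRUCTED-EXPLOIT-NO-SCORE", cvss = nil, is_exploit = true },
}

-- Condition quoted in the thread: any exploit entry bypasses the threshold.
local function keep_original(v, mincvss)
  return v.is_exploit or (v.cvss and mincvss <= v.cvss)
end

-- Condition proposed in the thread: the threshold applies to every entry.
-- Entries without a score are dropped, exploits included.
local function keep_patched(v, mincvss)
  return v.cvss and mincvss <= v.cvss
end

-- Hypothetical helper: collect the ids that a given condition lets through.
local function filter(rows, mincvss, keep)
  local output = {}
  for _, v in ipairs(rows) do
    if keep(v, mincvss) then
      output[#output + 1] = v.id
    end
  end
  return output
end

-- Assumption: the argument arrives as a string (mincvss=8) and is converted
-- to a number before the comparison.
local mincvss = tonumber("8") or 0.0

print("original: " .. table.concat(filter(results, mincvss, keep_original), ", "))
print("patched:  " .. table.concat(filter(results, mincvss, keep_patched), ", "))
```

With the patched condition an exploit entry that carries no CVSS score is filtered out as well, which is worth keeping in mind when relying on the modified script for triage.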
Dear @mavzerburak0,
I added this "patch" to my vulners.nse, and it works much better now.
Thank you for your help!