Private/Get-MsrcCvrfProductVulnerability.ps1
|
Function Get-MsrcCvrfProductVulnerability { <# .SYNOPSIS Get product vulnerability details from a CVRF document .DESCRIPTION CVRF documents next products into several places, including: -Vulnerabilities -Threats -Remediations -Product Tree This function gathers the details for each product identified in a CVRF document. It provides a list of Threats, Remediations and CVSS Score Sets for each product. .PARAMETER Vulnerability .PARAMETER ProductTree .PARMETER DocumentTracking .PARAMETER DocumentTitle .EXAMPLE Get-MsrcCvrfDocument -ID 2016-Nov | Get-MsrcCvrfProductVulnerability Get product vulnerability details from a CVRF document using the pipeline .EXAMPLE $cvrfDocument = Get-MsrcCvrfDocument -ID 2016-Nov Get-MsrcCvrfProductVulnerability -Vulnerability $cvrfDocument.Vulnerability -ProductTree $cvrfDocument.ProductTree -DocumentTracking $cvrfDocument.DocumentTracking -DocumentTitle $cvrfDocument.DocumentTitle Get product vulnerability details from a CVRF document using a variable and parameters #> Param ( [Parameter(Mandatory,ValueFromPipelineByPropertyName)] $Vulnerability, [Parameter(Mandatory,ValueFromPipelineByPropertyName)] $ProductTree, [Parameter(Mandatory,ValueFromPipelineByPropertyName)] $DocumentTracking, [Parameter(Mandatory,ValueFromPipelineByPropertyName)] $DocumentTitle ) Begin {} Process { $ProductTree.Branch.Items | ForEach-Object { $b = $_ $b.Items | ForEach-Object { # $CvrfRelatedProducts += [PSCustomObject]@{ [PSCustomObject]@{ CvrfAlias = $DocumentTracking.Identification.Alias.Value ; CvrfTitle = $DocumentTitle.Value ; BranchName = $b.Name ; ProductName = $_.Value ; ProductID = $_.ProductID ; } } } | ForEach-Object { $Remediations = $Threats = $CVSSScoreSets = @() $MaximumSeverity = $RestartRequired = $null $o = $_ $Vulnerability | ForEach-Object { $v = $_ $v.Remediations | Where-Object {$_.ProductID -Contains $o.ProductID } | ForEach-Object { $_ | Add-Member -NotePropertyName VulnerabilityCVE -NotePropertyValue $v.CVE -Force $_ | Add-Member -NotePropertyName VulnerabilityTitle -NotePropertyValue $v.Title.Value -Force $Remediations += $_ } $v.Threats | Where-Object { $_.ProductID -Contains $ot.ProductID } | ForEach-Object { $_ | Add-Member -NotePropertyName VulnerabilityCVE -NotePropertyValue $v.CVE -Force $_ | Add-Member -NotePropertyName VulnerabilityTitle -NotePropertyValue $v.Title.Value -Force $Threats += $_ } $v.CVSSScoreSets | Where-Object {$_.ProductID -Contains $o.ProductID } | ForEach-Object { $_ | Add-Member -NotePropertyName VulnerabilityCVE -NotePropertyValue $v.CVE -Force $_ | Add-Member -NotePropertyName VulnerabilityTitle -NotePropertyValue $v.Title.Value -Force $CVSSScoreSets += $_ } $o | Add-Member -NotePropertyName Remediations -NotePropertyValue $Remediations -Force $o | Add-Member -NotePropertyName Threats -NotePropertyValue $Threats -Force $o | Add-Member -NotePropertyName CVSSScoreSets -NotePropertyValue $CVSSScoreSets -Force } $MaximumSeverity = Switch ( ( $v.Threats | Where-Object {$_.ProductID -Contains $o.ProductID } | Where-Object {$_.Type -eq 3 } ).Description.Value | Select-Object -Unique ) { 'Critical' { 'Critical' ; break } 'Important' { 'Important' ; break } 'Moderate' { 'Moderate' ; break } 'Low' { 'Low' ; break } default { 'Unkwown'} } $o | Add-Member -NotePropertyName MaximumSeverity -NotePropertyValue $MaximumSeverity -Force $RestartRequired = Switch ($Vulnerability.Remediations.RestartRequired.Value) { 'Yes' { 'Yes' ; break } 'Maybe' { 'Maybe' ; break } default { 'Unknown' } } $o | Add-Member -NotePropertyName RestartRequired -NotePropertyValue $RestartRequired -Force $o } } End {} } |