This vulnerability check tool can search for vulnerablities in software/hardware products based on the CPE 2.3 standard of NIST. The CPE 2.3 standard of NIST is used to identify a product. The scripts use the NIST API to query the National Vulnerability Database of NIST to find vulnerabilities. The Vulnerability check tool is written in PowerShell for native compatability with Windows-systems.
This tool consists of three scripts that are available for use.
This script is used to get an identifier that contains the following attributes.
- Vendor
- Product
- Version
Usage:
.\Get-CPE.ps1 microsoft edge
This script uses a CPE string to query for CVE's
Usage:
.\Get-CPE.ps1 cpe:2.3:a:microsoft:edge_chromium:105.0.1343.25:*:*:*:*:*:*:*
This script is used to lookup the Common Vulnerability Scoring System (CVSS) scores given by NIST and third-parties to a CVE. The scores that are looked up are:
- BaseScore
- ExploitScore
- ImpactScore
Usage:
.\Get-CVSS.ps1 CVE-2023-21719