CVSS 3.1 calculator in SPL [Solution]

Security

Hi all,

not a question, just an attempt to save other ppl some time. We had the need of calculating the score of CVSS3.1 Vector strings. We first used an external python script but that comes with a cost. Hence I decided to implement a cvss calculator in SPL.

It's already tested against a wide range of vector strings and seems pretty robust.

here is what we created as a macro named `cvss31`

https://github.com/niko31337/splcvss31/blob/main/cvss31.macro

to call the macro and get the relevant fields, you do something like this:

| makeresults
| eval cvss_vector_string="CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C/CR:M/IR:M/AR:H/MUI:R"
`cvss31`
| table cvss_vector_string, main_score, main_rating, base_score, temporal_score, environmental_score, cvss_error

and you end up with this result:

Make sure you always check for errors in the cvss_error field...

cheers,

Niko

Get Updates on the Splunk Community!

Index This | What travels the world but is also stuck in place?

April 2026 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious! We’re back with this ...

Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data

Realizing the full potential of your Splunk investment requires more than just understanding current usage; it ...

Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...

As data volumes continue to grow and environments become more distributed, managing and optimizing data ...