/
Structure Elements for Calculated Fields

Structure Elements for Calculated Fields

Owned by Andreas Spall (evolu.software)
Last updated: Apr 16, 2024
1 min read

To implement complex algorithms (e.g. Security - Incident - CVSS 3.1 (CVSS Calculation explained )) you can use the following structural elements.

if condition

Allows you to compare expression1 with expression2 using a condition.

  • an expression is a single-line expression which can contain these operators. Operators for Calculated Fields

  • you can use the following conditions

    • >

    • >=

    • ==

    • <=

    • <

    • !=

  • the if sections cannot be nested

  • the Else section is optional

Structure

#if (expression1) condition (expression2) { // one or more lines } else { // one or more lines }

Example

#if (scope) == (1) { #variableImpact(6.42 $variableISS *) } else { #variableImpact(7.52 $variableISS 0.029 - * 3.25 $variableISS 0.02 - 15 ^ * -) }

return declaration

Returns the result of the expression . the following elements are ignored

Structure

#return(expression)

Example

#return($variableImpact $variableExploitability + 10 $min 1 $roundUp)

variable definition

Defines a variable which you can access in the following lines

Structure

#variableNAME(expression)

Example

#variableToUsePrivilegesRequired(0.85)

variable usage

Returns the value of a variable and can be used within expressions

Structure

$variableNAME

Example

8.22 attack-vector attack-complexity $variableToUsePrivilegesRequired user-interaction * * * *

or combined with variable definition

#variableExploitability(8.22 attack-vector attack-complexity $variableToUsePrivilegesRequired user-interaction * * * *)

Related content