In [None]:
import google.generativeai as genai
import csv
import time

def generate_cvss_vectors(descriptions, api_key):
    if not api_key:
        raise ValueError("API key for Generative AI is not set.")

    # Configure the API
    genai.configure(api_key=api_key)

    # Configuration for the model
    generation_config = {
        "temperature": 0.7,
        "max_output_tokens": 50,
    }

    # Join all descriptions into one, separated by a newline
    full_prompt = "\n\n".join(descriptions)

    # Call the generative model with the configured settings
    try:
        model = genai.GenerativeModel(model_name="gemini-1.0-pro", generation_config=generation_config)
        response = model.generate_content(full_prompt)

        # Debug: Print the entire response for inspection
        print(f"Full API Response: {response}")

        # Ensure the output matches the required format by extracting lines that match the pattern
        if response.candidates:
            generated_texts = response.candidates[0].content.parts[0].text.strip().splitlines()
            return [text.strip() for text in generated_texts if text.startswith("CVSS:3.1/")]
        else:
            print("No candidates returned in the API response.")
            return [None] * len(descriptions)
    except Exception as e:
        print(f"Error during API call: {e}")
        return [None] * len(descriptions)

# Main function to process the CSV file
def process_cvss_file(filename, api_key, batch_size=2):
    correct_count = 0
    total_count = 0

    with open(filename, mode='r', encoding='latin-1') as file:
        csv_reader = csv.DictReader(file)
        batch_descriptions = []
        batch_gt_vectors = []

        for i, row in enumerate(csv_reader):
            description = row['Description'].strip()
            correct_vector = row['GT'].strip().upper()

            prompt = f"""Analyze the following CVE description and calculate the CVSS v3.1 Base Score. Determine the values for each base metric: AV, AC, PR, UI, S, C, I, and A. Summarize each metric’s value and provide the final CVSS v3.1 vector string.
Valid options for each metric are as follows:
- Attack Vector (AV): Network (N), Adjacent (A), Local (L), Physical (P)
- Attack Complexity (AC): Low (L), High (H)
- Privileges Required (PR): None (N), Low (L), High (H)
- User Interaction (UI): None (N), Required (R)
- Scope (S): Unchanged (U), Changed (C)
- Confidentiality (C): None (N), Low (L), High (H)
- Integrity (I): None (N), Low (L), High (H)
- Availability (A): None (N), Low (L), High (H)
Summarize each metric’s value and provide the final CVSS v3.1 vector string in the exact following format:
CVSS:3.1/AV:X/AC:X/PR:X/UI:X/S:X/C:X/I:X/A:X
CVE Description: {description}"""

            batch_descriptions.append(prompt)
            batch_gt_vectors.append(correct_vector)

            if (i + 1) % batch_size == 0 or (i + 1) == sum(1 for _ in open(filename, encoding='latin-1')):
                generated_vectors = generate_cvss_vectors(batch_descriptions, api_key)

                for generated_vector, correct_vector in zip(generated_vectors, batch_gt_vectors):
                    if generated_vector == correct_vector:
                        correct_count += 1
                    total_count += 1

                    print(f"Generated Vector: {generated_vector}")
                    print(f"Correct Vector: {correct_vector}")
                    print(f"{'Correct' if generated_vector == correct_vector else 'Incorrect'}\n")

                batch_descriptions = []
                batch_gt_vectors = []

                time.sleep(4)

    print(f"Total Descriptions: {total_count}")
    print(f"Correct Vectors: {correct_count}")
    print(f"Accuracy: {correct_count / total_count * 100:.2f}%")

# Example usage
if __name__ == "__main__":
    api_key = "AIzaSyDoyoQOqfej_ZJBud99ilYK9RI-3UIiyDs"  # Replace with your actual API key
    process_cvss_file("/content/vsp.csv", api_key, batch_size=2)


KeyboardInterrupt: 