У меня есть таблица номеров CVE в Excel, и я хотел бы импортировать информацию Notes из репозитория Mitre CVE XML. Я довольно новичок в VBA и XPATH.
Файл XML выглядит следующим образом:
<?xml version="1.0" encoding="ISO-8859-1"?>
<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1" xmlns:cvrf="http://www.icasi.org/CVRF/schema/cvrf/1.1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.icasi.org/CVRF/schema/cvrf/1.1 http://www.icasi.org/CVRF/schema/cvrf/1.1/cvrf.xsd">
<DocumentTitle xml:lang="en">CVE Output in CVRF 1.1: 20200109</DocumentTitle>
<DocumentType>CVE List</DocumentType>
<DocumentPublisher Type="Other">
<ContactDetails>cve@mitre.org</ContactDetails>
<IssuingAuthority>The MITRE Corporation</IssuingAuthority>
</DocumentPublisher>
<DocumentTracking>
<Identification>
<ID>20200109-041603</ID>
</Identification>
<Status>Interim</Status>
<Version>2020.01.09.04</Version>
<RevisionHistory>
<Revision>
<Number>1</Number>
<Date>2020-01-09T04:16:03</Date>
<Description>Initial public release</Description>
</Revision>
</RevisionHistory>
<InitialReleaseDate>2020-01-09T04:16:03</InitialReleaseDate>
<InitialReleaseDate>2020-01-09T04:16:03</InitialReleaseDate>
<Generator>
<Engine>MITRE Custom CVE-to-CVRF Converter 2.0</Engine>
</Generator>
</DocumentTracking>
<DocumentNotes>
<Note Audience="All" Ordinal="1" Title="CVE List" Type="General">This is a list of CVE Identifiers as published by MITRE.</Note>
<Note Audience="All" Ordinal="2" Title="License" Type="General">The MITRE Corporation (MITRE) hereby grants you a non-exclusive, royalty-free license to use Common Vulnerabilities and Exposures (CVE (R)) for research, development, and commercial purposes. Any copy you make for such purposes is authorized provided that you reproduce MITREs copyright designation and this license in any such copy.</Note>
<Note Audience="All" Ordinal="3" Title="Disclaimers" Type="General">ALL DOCUMENTS AND THE INFORMATION CONTAINED THEREIN ARE PROVIDED ON AN &quot;AS IS&quot; BASIS AND THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE MITRE CORPORATION, ITS BOARD OF TRUSTEES, OFFICERS, AGENTS, AND EMPLOYEES, DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.</Note>
</DocumentNotes>
<Vulnerability Ordinal="135074" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Title>CVE-2019-0001</Title>
<Notes>
<Note Ordinal="1" Type="Description">Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon (bbe-smgd), and lead to high CPU usage and a crash of the bbe-smgd service. Repeated receipt of the same packet can result in an extended denial of service condition for the device. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S1; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R3; 17.3 versions prior to 17.3R3-S1; 17.4 versions prior to 17.4R2; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2.</Note>
<Note Ordinal="2" Title="Published" Type="Other">2019-01-15</Note>
<Note Ordinal="3" Title="Modified" Type="Other">2019-12-04</Note>
</Notes>
<CVE>CVE-2019-0001</CVE>
<References>
<Reference>
<URL>http://www.securityfocus.com/bid/106541</URL>
<Description>BID:106541</Description>
</Reference>
<Reference>
<URL>https://kb.juniper.net/JSA10900</URL>
<Description>CONFIRM:https://kb.juniper.net/JSA10900</Description>
</Reference>
<Reference>
<URL>https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RMKFSHPMOZL7MDWU5RYOTIBTRWSZ4Z6X/</URL>
<Description>FEDORA:FEDORA-2019-5f14b810f8</Description>
</Reference>
<Reference>
<URL>https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W7CPKBW4QZ4VIY4UXIUVUSHRJ4R2FROE/</URL>
<Description>FEDORA:FEDORA-2019-815807c020</Description>
</Reference>
</References>
</Vulnerability>
У меня есть тестовый бит VBA:
Dim CVEnode As IXMLDOMNode
Dim xDoc As MSXML2.DOMDocument60
Dim XMLFile As Variant
Set xDoc = New MSXML2.DOMDocument60
xDoc.resolveExternals = True
xDoc.SetProperty "SelectionNamespaces", "xmlns:ns='http://www.icasi.org/CVRF/schema/cvrf/1.1'"
XMLFile = "Z:\CVE\allitems-cvrf-year-2019.xml"
If XMLFile = False Then Exit Sub
xDoc.Load (XMLFile)
Set CVEnode = xDoc.SelectSingleNode("/ns:cvrfdoc/ns:Vulnerability/ns:Title[.='CVE-2019-0001']")
Файл XML загружается нормально, и я могу l oop через узлы и дочерние узлы, пока не найду CVE, который я ищу, но для каждого года имеется более 10 тысяч записей CVE, поэтому опция зацикливания довольно медленно Я хотел бы перейти прямо к нужному мне узлу, но SelectSingleNode не работает для меня. Когда я запускаю код, я получаю значение ничего для CVEnode. Любая помощь или указатели будут с благодарностью. Спасибо.