fix(metric): cvss 3.0 ModifiedImpact calculation (#18)

fixes #17

src/score-calculator.ts

@@ -224,7 +224,11 @@ export const calculateModifiedImpact = (
   metricsMap.get(EnvironmentalMetric.MODIFIED_SCOPE) === 'U'
     ? 6.42 * miss
     : 7.52 * (miss - 0.029) -
-      3.25 * Math.pow(miss * 0.9731 - 0.02, versionStr === '3.0' ? 15 : 13);
+      3.25 *
+        Math.pow(
+          miss * (versionStr === '3.0' ? 1 : 0.9731) - 0.02,
+          versionStr === '3.0' ? 15 : 13
+        );
 
 // https://www.first.org/cvss/v3.1/specification-document#7-1-Base-Metrics-Equations
 // Exploitability = 8.22 × AttackVector × AttackComplexity × PrivilegesRequired × UserInteraction
@@ -368,6 +372,7 @@ export const calculateEnvironmentalResult = (
 
   metricsMap = populateTemporalMetricDefaults(metricsMap);
   metricsMap = populateEnvironmentalMetricDefaults(metricsMap);
+
   const miss = calculateMiss(metricsMap);
   const impact = calculateModifiedImpact(metricsMap, miss, versionStr);
   const exploitability = calculateModifiedExploitability(metricsMap);

tests/score-calculator.spec.ts

@@ -99,6 +99,18 @@ const cvssTests = {
     7.7,
     6.8,
     6.5
+  ],
+  'CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H': [9.6, 9.6, 9.6],
+  'CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/MAV:A/MAC:L/MPR:N/MUI:N/MS:C/MC:H/MI:H/MA:H': [
+    9.6,
+    9.6,
+    9.6
+  ],
+  'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H': [9.6, 9.6, 9.7],
+  'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/MAV:A/MAC:L/MPR:N/MUI:N/MS:C/MC:H/MI:H/MA:H': [
+    9.6,
+    9.6,
+    9.7
   ]
 };