mirror of https://github.com/MISP/misp-modules
fix: [cve_advanced] Avoiding potential MISP object references issues
- Adding objects as dictionaries in an event may cause issues in some cases. It is better to pass the MISP object as is, as it is already a valid object since the MISPObject class is usedpull/429/head
parent
c5abf89805
commit
14aa6e2d1a
|
@ -56,7 +56,7 @@ class VulnerabilityParser():
|
||||||
value = value['title']
|
value = value['title']
|
||||||
vulnerability_object.add_attribute(relation, **{'type': attribute_type, 'value': value})
|
vulnerability_object.add_attribute(relation, **{'type': attribute_type, 'value': value})
|
||||||
vulnerability_object.add_reference(self.attribute['uuid'], 'related-to')
|
vulnerability_object.add_reference(self.attribute['uuid'], 'related-to')
|
||||||
self.misp_event.add_object(**vulnerability_object)
|
self.misp_event.add_object(vulnerability_object)
|
||||||
if 'cwe' in self.vulnerability and self.vulnerability['cwe'] not in ('Unknown', 'NVD-CWE-noinfo'):
|
if 'cwe' in self.vulnerability and self.vulnerability['cwe'] not in ('Unknown', 'NVD-CWE-noinfo'):
|
||||||
self.__parse_weakness(vulnerability_object.uuid)
|
self.__parse_weakness(vulnerability_object.uuid)
|
||||||
if 'capec' in self.vulnerability:
|
if 'capec' in self.vulnerability:
|
||||||
|
@ -79,7 +79,7 @@ class VulnerabilityParser():
|
||||||
for related_weakness in capec['related_weakness']:
|
for related_weakness in capec['related_weakness']:
|
||||||
attribute = dict(type='weakness', value="CWE-{}".format(related_weakness))
|
attribute = dict(type='weakness', value="CWE-{}".format(related_weakness))
|
||||||
capec_object.add_attribute('related-weakness', **attribute)
|
capec_object.add_attribute('related-weakness', **attribute)
|
||||||
self.misp_event.add_object(**capec_object)
|
self.misp_event.add_object(capec_object)
|
||||||
self.references[vulnerability_uuid].append(dict(referenced_uuid=capec_object.uuid,
|
self.references[vulnerability_uuid].append(dict(referenced_uuid=capec_object.uuid,
|
||||||
relationship_type='targeted-by'))
|
relationship_type='targeted-by'))
|
||||||
|
|
||||||
|
@ -95,7 +95,7 @@ class VulnerabilityParser():
|
||||||
for feature, relation in self.weakness_mapping.items():
|
for feature, relation in self.weakness_mapping.items():
|
||||||
if cwe.get(feature):
|
if cwe.get(feature):
|
||||||
weakness_object.add_attribute(relation, **dict(type=attribute_type, value=cwe[feature]))
|
weakness_object.add_attribute(relation, **dict(type=attribute_type, value=cwe[feature]))
|
||||||
self.misp_event.add_object(**weakness_object)
|
self.misp_event.add_object(weakness_object)
|
||||||
self.references[vulnerability_uuid].append(dict(referenced_uuid=weakness_object.uuid,
|
self.references[vulnerability_uuid].append(dict(referenced_uuid=weakness_object.uuid,
|
||||||
relationship_type='weakened-by'))
|
relationship_type='weakened-by'))
|
||||||
break
|
break
|
||||||
|
|
Loading…
Reference in New Issue