mirror of https://github.com/MISP/misp-modules
fix: [cve_advanced] Avoiding potential MISP object references issues
- Adding objects as dictionaries in an event may cause issues in some cases. It is better to pass the MISP object as is, as it is already a valid object since the MISPObject class is usedpull/429/head
parent
c5abf89805
commit
14aa6e2d1a
|
@ -56,7 +56,7 @@ class VulnerabilityParser():
|
|||
value = value['title']
|
||||
vulnerability_object.add_attribute(relation, **{'type': attribute_type, 'value': value})
|
||||
vulnerability_object.add_reference(self.attribute['uuid'], 'related-to')
|
||||
self.misp_event.add_object(**vulnerability_object)
|
||||
self.misp_event.add_object(vulnerability_object)
|
||||
if 'cwe' in self.vulnerability and self.vulnerability['cwe'] not in ('Unknown', 'NVD-CWE-noinfo'):
|
||||
self.__parse_weakness(vulnerability_object.uuid)
|
||||
if 'capec' in self.vulnerability:
|
||||
|
@ -79,7 +79,7 @@ class VulnerabilityParser():
|
|||
for related_weakness in capec['related_weakness']:
|
||||
attribute = dict(type='weakness', value="CWE-{}".format(related_weakness))
|
||||
capec_object.add_attribute('related-weakness', **attribute)
|
||||
self.misp_event.add_object(**capec_object)
|
||||
self.misp_event.add_object(capec_object)
|
||||
self.references[vulnerability_uuid].append(dict(referenced_uuid=capec_object.uuid,
|
||||
relationship_type='targeted-by'))
|
||||
|
||||
|
@ -95,7 +95,7 @@ class VulnerabilityParser():
|
|||
for feature, relation in self.weakness_mapping.items():
|
||||
if cwe.get(feature):
|
||||
weakness_object.add_attribute(relation, **dict(type=attribute_type, value=cwe[feature]))
|
||||
self.misp_event.add_object(**weakness_object)
|
||||
self.misp_event.add_object(weakness_object)
|
||||
self.references[vulnerability_uuid].append(dict(referenced_uuid=weakness_object.uuid,
|
||||
relationship_type='weakened-by'))
|
||||
break
|
||||
|
|
Loading…
Reference in New Issue