MISP
/
misp-modules
mirror of https://github.com/MISP/misp-modules
2
0
Fork 0
Code Issues Releases Wiki Activity

add: [vulnerability_lookup] Added cpe information from CVE lookups

pull/709/head
Christian Studer 2024-12-16 11:54:57 +01:00
parent 63cffa2b2f
commit 5488396938
No known key found for this signature in database
GPG Key ID: 6BBED1B63A6D639F
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
misp_modules/modules/expansion/vulnerability_lookup.py
View File

@ -194,8 +194,13 @@ class VulnerabilityLookupParser(VulnerabilityParser):
cveMetaData = lookup_result['cveMetadata']
for field, relation in self.mapping.cve_mapping().items():
misp_object.add_attribute(relation, cveMetaData[field])
for reference in lookup_result['containers']['cna']['references']:
containers = lookup_result['containers']
for reference in containers.get('cna', {}).get('references', []):
misp_object.add_attribute('references', reference['url'])
for adp in containers.get('adp', []):
for affected in adp.get('affected', []):
for cpe in affected.get('cpes', []):
misp_object.add_attribute('vulnerable-configuration', cpe)
misp_object.add_reference(self.misp_attribute.uuid, 'related-to')
vulnerability_object = self.misp_event.add_object(misp_object)
return vulnerability_object.uuid