add: Making vulnerability object reference to its related capec & cwe objects

pull/318/head
chrisr3d 3 years ago
parent c4302aa35e
commit 5c15c0ff93
No known key found for this signature in database
GPG Key ID: 6BBED1B63A6D639F
  1. 15
      misp_modules/modules/expansion/cve_advanced.py

@ -1,3 +1,4 @@
from collections import defaultdict
from pymisp import MISPEvent, MISPObject
import json
import requests
@ -26,6 +27,8 @@ class VulnerabilityParser():
'status': 'status', 'weaknessabs': 'weakness-abs'}
def get_result(self):
if self.references:
self.__build_references()
event = json.loads(self.misp_event.to_json())['Event']
results = {key: event[key] for key in ('Attribute', 'Object') if (key in event and event[key])}
return {'results': results}
@ -51,6 +54,14 @@ class VulnerabilityParser():
if 'capec' in self.vulnerability:
self.__parse_capec(vulnerability_object.uuid)
def __build_references(self):
for object_uuid, references in self.references.items():
for misp_object in self.misp_event.objects:
if misp_object.uuid == object_uuid:
for reference in references:
misp_object.add_reference(**reference)
break
def __parse_capec(self, vulnerability_uuid):
attribute_type = 'text'
for capec in self.vulnerability['capec']:
@ -61,6 +72,8 @@ class VulnerabilityParser():
attribute = dict(type='weakness', value="CWE-{}".format(related_weakness))
capec_object.add_attribute('related-weakness', **attribute)
self.misp_event.add_object(**capec_object)
self.references[vulnerability_uuid].append(dict(referenced_uuid=capec_object.uuid,
relationship_type='targeted-by'))
def __parse_weakness(self, vulnerability_uuid):
attribute_type = 'text'
@ -75,6 +88,8 @@ class VulnerabilityParser():
if cwe.get(feature):
weakness_object.add_attribute(relation, **dict(type=attribute_type, value=cwe[feature]))
self.misp_event.add_object(**weakness_object)
self.references[vulnerability_uuid].append(dict(referenced_uuid=weakness_object.uuid,
relationship_type='weakened-by'))
break

Loading…
Cancel
Save