fix: [variotdbs] Fixed some typos, missing imports, and some issues in the main parsing process

misp_modules/modules/expansion/__init__.py

@@ -18,7 +18,8 @@ __all__ = ['cuckoo_submit', 'vmray_submit', 'bgpranking', 'circl_passivedns', 'c
            'assemblyline_submit', 'assemblyline_query', 'ransomcoindb', 'malwarebazaar',
            'lastline_query', 'lastline_submit', 'sophoslabs_intelix', 'cytomic_orion', 'censys_enrich',
            'trustar_enrich', 'recordedfuture', 'html_to_markdown', 'socialscan', 'passive-ssh',
-           'qintel_qsentry', 'mwdb', 'hashlookup', 'mmdb_lookup', 'ipqs_fraud_and_risk_scoring', 'clamav', 'jinja_template_rendering','hyasinsight']
+           'qintel_qsentry', 'mwdb', 'hashlookup', 'mmdb_lookup', 'ipqs_fraud_and_risk_scoring',
+           'clamav', 'jinja_template_rendering','hyasinsight', 'variotdbs']
 
 
 minimum_required_fields = ('type', 'uuid', 'value')

misp_modules/modules/expansion/variotdbs.py

@@ -1,7 +1,7 @@
 import json
 import requests
 from . import check_input_attribute, standard_error_message
-from pymisp import MISPEvent, MISPObject
+from pymisp import MISPAttribute, MISPEvent, MISPObject
 
 misperrors = {'error': 'Error'}
 mispattributes = {'input': ['vulnerability'], 'format': 'misp_standard'}
@@ -31,7 +31,7 @@ class VariotdbsParser:
 
     @property
     def misp_attribute(self) -> MISPAttribute:
-        return self.__attribute
+        return self.__misp_attribute
 
     @property
     def misp_event(self) -> MISPEvent:
@@ -65,13 +65,14 @@ class VariotdbsParser:
                     query_results[feature]['data']
                 )
         if query_results.get('configurations', {}).get('data'):
-            for node in query_results['configurations']['data']['nodes']:
+            for configuration in query_results['configurations']['data']:
-                for cpe_match in node['cpe_match']:
+                for node in configuration['nodes']:
-                    if cpe_match['vulnerable']:
+                    for cpe_match in node['cpe_match']:
-                        vulnerability_object.add_attribute(
+                        if cpe_match['vulnerable']:
-                            'vulnerable-configuration',
+                            vulnerability_object.add_attribute(
-                            cpe_match['cpe23Uri']
+                                'vulnerable-configuration',
-                        )
+                                cpe_match['cpe23Uri']
+                            )
         if query_results.get('cvss', {}).get('data'):
             cvss = {}
             for cvss_data in query_results['cvss']['data']:
@@ -129,15 +130,19 @@ def handler(q=False):
     headers = {'Content-Type': 'application/json'}
     if request.get('config', {}).get('API_key'):
         headers['Authorization'] = f"Token {request['config']['API_key']}"
+    empty = True
+    parser = VariotdbsParser(attribute)
     r = requests.get(f"{variotdbs_url}/vuln/{attribute['value']}/", headers=headers)
     if r.status_code == 200:
-        query_results = r.json()
+        vulnerability_results = r.json()
-        if not query_results:
+        if vulnerability_results:
-            return {'error': 'Empty results'}
+            parser.parse_vulnerability_information(vulnerability_results)
+            empty = False
     else:
-        return {'error': 'Error while querying the variotdbs API.'}
+        if r.reason != 'Not found':
-    parser = VariotdbsParser(attribute, query_results)
+            return {'error': 'Error while querying the variotdbs API.'}
-    parser.parse_vulnerability_information()
+    if empty:
+        return {'error': 'Empty results'}
     return parser.get_results()
 
 
@@ -147,4 +152,4 @@ def introspection():
 
 def version():
     moduleinfo['config'] = moduleconfig
-    return moduleconfig
+    return moduleinfo