mirror of https://github.com/MISP/misp-modules
Merge branch 'main' of github.com:MISP/misp-modules into chrisr3d_patch
commit
993a614a20
|
@ -13,6 +13,7 @@ moduleinfo = {
|
||||||
}
|
}
|
||||||
moduleconfig = ["custom_API_URL", "limit"]
|
moduleconfig = ["custom_API_URL", "limit"]
|
||||||
cveapi_url = 'https://cvepremium.circl.lu/api/query'
|
cveapi_url = 'https://cvepremium.circl.lu/api/query'
|
||||||
|
DEFAULT_LIMIT = 10
|
||||||
|
|
||||||
|
|
||||||
class VulnerabilitiesParser():
|
class VulnerabilitiesParser():
|
||||||
|
@ -31,11 +32,11 @@ class VulnerabilitiesParser():
|
||||||
},
|
},
|
||||||
'vulnerable_configuration': {
|
'vulnerable_configuration': {
|
||||||
'type': 'cpe',
|
'type': 'cpe',
|
||||||
'object_relation': 'vulnerable_configuration'
|
'object_relation': 'vulnerable-configuration'
|
||||||
},
|
},
|
||||||
'vulnerable_configuration_cpe_2_2': {
|
'vulnerable_configuration_cpe_2_2': {
|
||||||
'type': 'cpe',
|
'type': 'cpe',
|
||||||
'object_relation': 'vulnerable_configuration'
|
'object_relation': 'vulnerable-configuration'
|
||||||
},
|
},
|
||||||
'Modified': {
|
'Modified': {
|
||||||
'type': 'datetime',
|
'type': 'datetime',
|
||||||
|
@ -99,19 +100,18 @@ def handler(q=False):
|
||||||
attribute = request['attribute']
|
attribute = request['attribute']
|
||||||
if attribute.get('type') != 'cpe':
|
if attribute.get('type') != 'cpe':
|
||||||
return {'error': 'Wrong input attribute type.'}
|
return {'error': 'Wrong input attribute type.'}
|
||||||
url = check_url(request['config']['custom_API_URL']) if request['config'].get('custom_API_URL') else cveapi_url
|
config = request['config']
|
||||||
|
url = check_url(config['custom_API_URL']) if config.get('custom_API_URL') else cveapi_url
|
||||||
|
limit = int(config['limit']) if config.get('limit') else DEFAULT_LIMIT
|
||||||
params = {
|
params = {
|
||||||
"retrieve": "cves",
|
"retrieve": "cves",
|
||||||
"dict_filter": {
|
"dict_filter": {
|
||||||
"vulnerable_configuration": attribute['value']
|
"vulnerable_configuration": attribute['value']
|
||||||
}
|
},
|
||||||
}
|
"limit": limit,
|
||||||
if request['config'].get('limit'):
|
|
||||||
params.update({
|
|
||||||
"limit": int(request['config']['limit']),
|
|
||||||
"sort": "cvss",
|
"sort": "cvss",
|
||||||
"sort_dir": "DESC"
|
"sort_dir": "DESC"
|
||||||
})
|
}
|
||||||
response = requests.post(url, json=params)
|
response = requests.post(url, json=params)
|
||||||
if response.status_code == 200:
|
if response.status_code == 200:
|
||||||
vulnerabilities = response.json()['data']
|
vulnerabilities = response.json()['data']
|
||||||
|
|
Loading…
Reference in New Issue