add: Parsing CAPEC information related to the CVE

pull/318/head
chrisr3d 3 years ago
parent 7445d7336e
commit c4302aa35e
No known key found for this signature in database
GPG Key ID: 6BBED1B63A6D639F
  1. 18
      misp_modules/modules/expansion/cve_advanced.py

@ -16,6 +16,7 @@ class VulnerabilityParser():
self.vulnerability = vulnerability
self.misp_event = MISPEvent()
self.references = defaultdict(list)
self.capec_features = ('id', 'name', 'summary', 'prerequisites', 'solutions')
self.vulnerability_mapping = {
'id': ('text', 'id'), 'summary': ('text', 'summary'),
'vulnerable_configuration_cpe_2_2': ('text', 'vulnerable_configuration'),
@ -46,9 +47,22 @@ class VulnerabilityParser():
vulnerability_object.add_attribute(relation, **{'type': attribute_type, 'value': value})
self.misp_event.add_object(**vulnerability_object)
if 'cwe' in self.vulnerability:
self.parse_weakness(vulnerability_object.uuid)
self.__parse_weakness(vulnerability_object.uuid)
if 'capec' in self.vulnerability:
self.__parse_capec(vulnerability_object.uuid)
def parse_weakness(self, vulnerability_uuid):
def __parse_capec(self, vulnerability_uuid):
attribute_type = 'text'
for capec in self.vulnerability['capec']:
capec_object = MISPObject('capec')
for feature in self.capec_features:
capec_object.add_attribute(feature, **dict(type=attribute_type, value=capec[feature]))
for related_weakness in capec['related_weakness']:
attribute = dict(type='weakness', value="CWE-{}".format(related_weakness))
capec_object.add_attribute('related-weakness', **attribute)
self.misp_event.add_object(**capec_object)
def __parse_weakness(self, vulnerability_uuid):
attribute_type = 'text'
cwe_string, cwe_id = self.vulnerability['cwe'].split('-')
cwes = requests.get(cveapi_url.replace('/cve/', '/cwe'))

Loading…
Cancel
Save