From cd8a2881d423bcb5d5d0aeea3a2991eb8bb67580 Mon Sep 17 00:00:00 2001 From: Christian Studer Date: Mon, 16 Dec 2024 13:13:21 +0100 Subject: [PATCH] add: [vulnerability_lookup] Handling weakness (CWE) information while parsing github vulnerabilities --- misp_modules/modules/expansion/vulnerability_lookup.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/misp_modules/modules/expansion/vulnerability_lookup.py b/misp_modules/modules/expansion/vulnerability_lookup.py index 7dcc683e..717f03c3 100644 --- a/misp_modules/modules/expansion/vulnerability_lookup.py +++ b/misp_modules/modules/expansion/vulnerability_lookup.py @@ -284,6 +284,11 @@ class VulnerabilityLookupParser(VulnerabilityParser): misp_object.add_attribute('cvss-string', cvss['score']) for reference in lookup_result['references']: misp_object.add_attribute('references', reference['url']) + for cwe_id in lookup_result.get('database_specific', {}).get('cwe_ids', []): + attribute = self.misp_event.add_attribute( + type='weakness', value=cwe_id + ) + misp_object.add_reference(attribute.uuid, 'weakened-by') misp_object.add_reference(self.misp_attribute.uuid, 'related-to') vulnerability_object = self.misp_event.add_object(misp_object)