mirror of https://github.com/MISP/misp-modules
fix: Updates following the latest CVE-search version
- Support of the new vulnerable configuration field for CPE version > 2.2 - Support of different 'unknown CWE' messagepull/343/head
parent
d2b92f8ad9
commit
e1602fdca9
|
@ -23,6 +23,7 @@ class VulnerabilityParser():
|
|||
self.capec_features = ('id', 'name', 'summary', 'prerequisites', 'solutions')
|
||||
self.vulnerability_mapping = {
|
||||
'id': ('text', 'id'), 'summary': ('text', 'summary'),
|
||||
'vulnerable_configuration': ('text', 'vulnerable_configuration'),
|
||||
'vulnerable_configuration_cpe_2_2': ('text', 'vulnerable_configuration'),
|
||||
'Modified': ('datetime', 'modified'), 'Published': ('datetime', 'published'),
|
||||
'references': ('link', 'references'), 'cvss': ('float', 'cvss-score')}
|
||||
|
@ -46,14 +47,16 @@ class VulnerabilityParser():
|
|||
if 'Published' in self.vulnerability:
|
||||
vulnerability_object.add_attribute('published', **{'type': 'datetime', 'value': self.vulnerability['Published']})
|
||||
vulnerability_object.add_attribute('state', **{'type': 'text', 'value': 'Published'})
|
||||
for feature in ('references', 'vulnerable_configuration_cpe_2_2'):
|
||||
for feature in ('references', 'vulnerable_configuration', 'vulnerable_configuration_cpe_2_2'):
|
||||
if feature in self.vulnerability:
|
||||
attribute_type, relation = self.vulnerability_mapping[feature]
|
||||
for value in self.vulnerability[feature]:
|
||||
if isinstance(value, dict):
|
||||
value = value['title']
|
||||
vulnerability_object.add_attribute(relation, **{'type': attribute_type, 'value': value})
|
||||
vulnerability_object.add_reference(self.attribute['uuid'], 'related-to')
|
||||
self.misp_event.add_object(**vulnerability_object)
|
||||
if 'cwe' in self.vulnerability and self.vulnerability['cwe'] != 'Unknown':
|
||||
if 'cwe' in self.vulnerability and self.vulnerability['cwe'] not in ('Unknown', 'NVD-CWE-noinfo'):
|
||||
self.__parse_weakness(vulnerability_object.uuid)
|
||||
if 'capec' in self.vulnerability:
|
||||
self.__parse_capec(vulnerability_object.uuid)
|
||||
|
|
Loading…
Reference in New Issue