new: Weakness & attack-pattern objects to describe CWE & CAPEC related to a CVE

- The attack-pattern object is using a new attribute type called weakness to describe CWE id, which will link to its own information as described in https://cve.circl.lu
2019-08-01 14:34:30 +02:00 · 2019-08-01 14:34:30 +02:00 · ad83a3a56f
parent d2f955bc74
commit ad83a3a56f
2 changed files with 97 additions and 0 deletions
--- a/objects/attack-pattern/definition.json
+++ b/objects/attack-pattern/definition.json
@ -0,0 +1,45 @@
+{
+    "requiredOneOf": [
+        "name",
+        "id"
+    ],
+    "attributes": {
+        "id": {
+            "description": "CAPEC ID.",
+            "ui-priority": 0,
+            "disable_correlation": true,
+            "misp-attribute": "text"
+        },
+        "name": {
+            "description": "Name of the attack pattern.",
+            "ui-priority": 0,
+            "misp-attribute": "text"
+        },
+        "summary": {
+            "description": "Summary description of the attack pattern.",
+            "ui-priority": 0,
+            "misp-attribute": "text"
+        },
+        "prerequisites": {
+            "description": "Prerequisites for the attack pattern to succeed.",
+            "ui-priority": 0,
+            "misp-attribute": "text"
+        },
+        "solutions": {
+            "description": "Solutions for the attack pattern to be countered.",
+            "ui-priority": 0,
+            "misp-attribute": "text"
+        },
+        "related-weakness": {
+            "description": "Weakness related to the attack pattern.",
+            "ui-priority": 0,
+            "multiple": true,
+            "misp-attribute": "weakness"
+        }
+    },
+    "version": 1,
+    "description": "Attack pattern describing a common attack pattern enumeration and classification.",
+    "meta-category": "vulnerability",
+    "uuid": "35928348-56be-4d7f-9752-a80927936351",
+    "name": "attack-pattern"
+}
--- a/objects/weakness/definition.json
+++ b/objects/weakness/definition.json
@ -0,0 +1,52 @@
+{
+    "requiredOneOf": [
+        "id",
+        "name",
+        "description"
+    ],
+    "attributes": {
+        "id": {
+            "description": "Weakness ID (generally CWE).",
+            "ui-priority": 0,
+            "misp-attribute": "text"
+        },
+        "description": {
+            "description": "Description of the weakness.",
+            "ui-priority": 0,
+            "misp-attribute": "text"
+        },
+        "name": {
+            "description": "Name of the weakness.",
+            "ui-priority": 0,
+            "misp-attribute": "text"
+        },
+        "status": {
+            "description": "Status of the weakness.",
+            "ui-priority": 0,
+            "sane_default": [
+                "Incomplete",
+                "Deprecated",
+                "Draft",
+                "Usable"
+            ],
+            "disable_correlation": true,
+            "misp-attribute": "text"
+        },
+        "weakness-abs": {
+            "description": "Abstraction of the weakness.",
+            "ui-priority": 0,
+            "sane_default": [
+                "Class",
+                "Base",
+                "Variant"
+            ],
+            "disable_correlation": true,
+            "misp-attribute": "text"
+        }
+    },
+    "version": 1,
+    "description": "Weakness object describing a common weakness enumeration which can describe usable, incomplete, draft or deprecated weakness for software, equipment of hardware.",
+    "meta-category": "vulnerability",
+    "uuid": "b8713fc0-d7a2-4b27-a182-38ed47966802",
+    "name": "weakness"
+}