From ad83a3a56f0c9f31de8fb0ff6b6b639de00a595c Mon Sep 17 00:00:00 2001 From: chrisr3d Date: Thu, 1 Aug 2019 14:34:30 +0200 Subject: [PATCH] new: Weakness & attack-pattern objects to describe CWE & CAPEC related to a CVE - The attack-pattern object is using a new attribute type called weakness to describe CWE id, which will link to its own information as described in https://cve.circl.lu --- objects/attack-pattern/definition.json | 45 ++++++++++++++++++++++ objects/weakness/definition.json | 52 ++++++++++++++++++++++++++ 2 files changed, 97 insertions(+) create mode 100644 objects/attack-pattern/definition.json create mode 100644 objects/weakness/definition.json diff --git a/objects/attack-pattern/definition.json b/objects/attack-pattern/definition.json new file mode 100644 index 0000000..5426519 --- /dev/null +++ b/objects/attack-pattern/definition.json @@ -0,0 +1,45 @@ +{ + "requiredOneOf": [ + "name", + "id" + ], + "attributes": { + "id": { + "description": "CAPEC ID.", + "ui-priority": 0, + "disable_correlation": true, + "misp-attribute": "text" + }, + "name": { + "description": "Name of the attack pattern.", + "ui-priority": 0, + "misp-attribute": "text" + }, + "summary": { + "description": "Summary description of the attack pattern.", + "ui-priority": 0, + "misp-attribute": "text" + }, + "prerequisites": { + "description": "Prerequisites for the attack pattern to succeed.", + "ui-priority": 0, + "misp-attribute": "text" + }, + "solutions": { + "description": "Solutions for the attack pattern to be countered.", + "ui-priority": 0, + "misp-attribute": "text" + }, + "related-weakness": { + "description": "Weakness related to the attack pattern.", + "ui-priority": 0, + "multiple": true, + "misp-attribute": "weakness" + } + }, + "version": 1, + "description": "Attack pattern describing a common attack pattern enumeration and classification.", + "meta-category": "vulnerability", + "uuid": "35928348-56be-4d7f-9752-a80927936351", + "name": "attack-pattern" +} diff --git a/objects/weakness/definition.json b/objects/weakness/definition.json new file mode 100644 index 0000000..0413fb3 --- /dev/null +++ b/objects/weakness/definition.json @@ -0,0 +1,52 @@ +{ + "requiredOneOf": [ + "id", + "name", + "description" + ], + "attributes": { + "id": { + "description": "Weakness ID (generally CWE).", + "ui-priority": 0, + "misp-attribute": "text" + }, + "description": { + "description": "Description of the weakness.", + "ui-priority": 0, + "misp-attribute": "text" + }, + "name": { + "description": "Name of the weakness.", + "ui-priority": 0, + "misp-attribute": "text" + }, + "status": { + "description": "Status of the weakness.", + "ui-priority": 0, + "sane_default": [ + "Incomplete", + "Deprecated", + "Draft", + "Usable" + ], + "disable_correlation": true, + "misp-attribute": "text" + }, + "weakness-abs": { + "description": "Abstraction of the weakness.", + "ui-priority": 0, + "sane_default": [ + "Class", + "Base", + "Variant" + ], + "disable_correlation": true, + "misp-attribute": "text" + } + }, + "version": 1, + "description": "Weakness object describing a common weakness enumeration which can describe usable, incomplete, draft or deprecated weakness for software, equipment of hardware.", + "meta-category": "vulnerability", + "uuid": "b8713fc0-d7a2-4b27-a182-38ed47966802", + "name": "weakness" +}