pycti 6.6.17__py3-none-any.whl → 6.7.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of pycti might be problematic. Click here for more details.
- pycti/__init__.py +1 -1
- pycti/api/opencti_api_client.py +12 -0
- pycti/api/opencti_api_draft.py +19 -0
- pycti/api/opencti_api_notification.py +39 -0
- pycti/api/opencti_api_pir.py +37 -0
- pycti/api/opencti_api_playbook.py +20 -0
- pycti/api/opencti_api_public_dashboard.py +25 -0
- pycti/api/opencti_api_trash.py +42 -0
- pycti/api/opencti_api_work.py +19 -0
- pycti/api/opencti_api_workspace.py +24 -0
- pycti/connector/opencti_connector_helper.py +7 -8
- pycti/entities/opencti_group.py +7 -1
- pycti/entities/opencti_identity.py +59 -0
- pycti/entities/opencti_indicator.py +37 -0
- pycti/entities/opencti_stix.py +4 -3
- pycti/entities/opencti_stix_core_object.py +327 -0
- pycti/entities/opencti_stix_core_relationship.py +83 -0
- pycti/entities/opencti_stix_domain_object.py +80 -0
- pycti/entities/opencti_stix_object_or_stix_relationship.py +40 -0
- pycti/entities/opencti_stix_sighting_relationship.py +81 -0
- pycti/entities/opencti_vulnerability.py +623 -36
- pycti/utils/constants.py +2 -1
- pycti/utils/opencti_stix2.py +212 -13
- pycti/utils/opencti_stix2_splitter.py +12 -6
- pycti/utils/opencti_stix2_utils.py +31 -4
- {pycti-6.6.17.dist-info → pycti-6.7.0.dist-info}/METADATA +4 -4
- {pycti-6.6.17.dist-info → pycti-6.7.0.dist-info}/RECORD +30 -24
- {pycti-6.6.17.dist-info → pycti-6.7.0.dist-info}/WHEEL +0 -0
- {pycti-6.6.17.dist-info → pycti-6.7.0.dist-info}/licenses/LICENSE +0 -0
- {pycti-6.6.17.dist-info → pycti-6.7.0.dist-info}/top_level.txt +0 -0
|
@@ -107,15 +107,53 @@ class Vulnerability:
|
|
|
107
107
|
name
|
|
108
108
|
description
|
|
109
109
|
x_opencti_aliases
|
|
110
|
+
x_opencti_cvss_vector
|
|
110
111
|
x_opencti_cvss_base_score
|
|
111
112
|
x_opencti_cvss_base_severity
|
|
112
113
|
x_opencti_cvss_attack_vector
|
|
114
|
+
x_opencti_cvss_attack_complexity
|
|
115
|
+
x_opencti_cvss_privileges_required
|
|
116
|
+
x_opencti_cvss_user_interaction
|
|
117
|
+
x_opencti_cvss_scope
|
|
118
|
+
x_opencti_cvss_confidentiality_impact
|
|
113
119
|
x_opencti_cvss_integrity_impact
|
|
114
120
|
x_opencti_cvss_availability_impact
|
|
115
|
-
|
|
121
|
+
x_opencti_cvss_exploit_code_maturity
|
|
122
|
+
x_opencti_cvss_remediation_level
|
|
123
|
+
x_opencti_cvss_report_confidence
|
|
124
|
+
x_opencti_cvss_temporal_score
|
|
125
|
+
x_opencti_cvss_v2_vector
|
|
126
|
+
x_opencti_cvss_v2_base_score
|
|
127
|
+
x_opencti_cvss_v2_access_vector
|
|
128
|
+
x_opencti_cvss_v2_access_complexity
|
|
129
|
+
x_opencti_cvss_v2_authentication
|
|
130
|
+
x_opencti_cvss_v2_confidentiality_impact
|
|
131
|
+
x_opencti_cvss_v2_integrity_impact
|
|
132
|
+
x_opencti_cvss_v2_availability_impact
|
|
133
|
+
x_opencti_cvss_v2_exploitability
|
|
134
|
+
x_opencti_cvss_v2_remediation_level
|
|
135
|
+
x_opencti_cvss_v2_report_confidence
|
|
136
|
+
x_opencti_cvss_v2_temporal_score
|
|
137
|
+
x_opencti_cvss_v4_vector
|
|
138
|
+
x_opencti_cvss_v4_base_score
|
|
139
|
+
x_opencti_cvss_v4_base_severity
|
|
140
|
+
x_opencti_cvss_v4_attack_vector
|
|
141
|
+
x_opencti_cvss_v4_attack_complexity
|
|
142
|
+
x_opencti_cvss_v4_attack_requirements
|
|
143
|
+
x_opencti_cvss_v4_privileges_required
|
|
144
|
+
x_opencti_cvss_v4_user_interaction
|
|
145
|
+
x_opencti_cvss_v4_confidentiality_impact_v
|
|
146
|
+
x_opencti_cvss_v4_confidentiality_impact_s
|
|
147
|
+
x_opencti_cvss_v4_integrity_impact_v
|
|
148
|
+
x_opencti_cvss_v4_integrity_impact_s
|
|
149
|
+
x_opencti_cvss_v4_availability_impact_v
|
|
150
|
+
x_opencti_cvss_v4_availability_impact_s
|
|
151
|
+
x_opencti_cvss_v4_exploit_maturity
|
|
152
|
+
x_opencti_cwe
|
|
116
153
|
x_opencti_cisa_kev
|
|
117
154
|
x_opencti_epss_score
|
|
118
155
|
x_opencti_epss_percentile
|
|
156
|
+
x_opencti_score
|
|
119
157
|
importFiles {
|
|
120
158
|
edges {
|
|
121
159
|
node {
|
|
@@ -293,21 +331,123 @@ class Vulnerability:
|
|
|
293
331
|
name = kwargs.get("name", None)
|
|
294
332
|
description = kwargs.get("description", None)
|
|
295
333
|
x_opencti_aliases = kwargs.get("x_opencti_aliases", None)
|
|
334
|
+
# CVSS3
|
|
335
|
+
x_opencti_cvss_vector = kwargs.get("x_opencti_cvss_vector", None)
|
|
296
336
|
x_opencti_cvss_base_score = kwargs.get("x_opencti_cvss_base_score", None)
|
|
297
337
|
x_opencti_cvss_base_severity = kwargs.get("x_opencti_cvss_base_severity", None)
|
|
298
338
|
x_opencti_cvss_attack_vector = kwargs.get("x_opencti_cvss_attack_vector", None)
|
|
299
|
-
|
|
300
|
-
|
|
301
|
-
|
|
339
|
+
x_opencti_cvss_attack_complexity = kwargs.get(
|
|
340
|
+
"x_opencti_cvss_attack_complexity", None
|
|
341
|
+
)
|
|
342
|
+
x_opencti_cvss_privileges_required = kwargs.get(
|
|
343
|
+
"x_opencti_cvss_privileges_required", None
|
|
344
|
+
)
|
|
345
|
+
x_opencti_cvss_user_interaction = kwargs.get(
|
|
346
|
+
"x_opencti_cvss_user_interaction", None
|
|
347
|
+
)
|
|
348
|
+
x_opencti_cvss_scope = kwargs.get("x_opencti_cvss_scope", None)
|
|
349
|
+
x_opencti_cvss_confidentiality_impact = kwargs.get(
|
|
350
|
+
"x_opencti_cvss_confidentiality_impact", None
|
|
351
|
+
)
|
|
302
352
|
x_opencti_cvss_integrity_impact = kwargs.get(
|
|
303
353
|
"x_opencti_cvss_integrity_impact", None
|
|
304
354
|
)
|
|
305
355
|
x_opencti_cvss_availability_impact = kwargs.get(
|
|
306
356
|
"x_opencti_cvss_availability_impact", None
|
|
307
357
|
)
|
|
308
|
-
|
|
309
|
-
"
|
|
358
|
+
x_opencti_cvss_exploit_code_maturity = kwargs.get(
|
|
359
|
+
"x_opencti_cvss_exploit_code_maturity", None
|
|
360
|
+
)
|
|
361
|
+
x_opencti_cvss_remediation_level = kwargs.get(
|
|
362
|
+
"x_opencti_cvss_remediation_level", None
|
|
363
|
+
)
|
|
364
|
+
x_opencti_cvss_report_confidence = kwargs.get(
|
|
365
|
+
"x_opencti_cvss_report_confidence", None
|
|
366
|
+
)
|
|
367
|
+
x_opencti_cvss_temporal_score = kwargs.get(
|
|
368
|
+
"x_opencti_cvss_temporal_score", None
|
|
369
|
+
)
|
|
370
|
+
# CVSS2
|
|
371
|
+
x_opencti_cvss_v2_vector = kwargs.get("x_opencti_cvss_v2_vector", None)
|
|
372
|
+
x_opencti_cvss_v2_base_score = kwargs.get("x_opencti_cvss_v2_base_score", None)
|
|
373
|
+
x_opencti_cvss_v2_access_vector = kwargs.get(
|
|
374
|
+
"x_opencti_cvss_v2_access_vector", None
|
|
375
|
+
)
|
|
376
|
+
x_opencti_cvss_v2_access_complexity = kwargs.get(
|
|
377
|
+
"x_opencti_cvss_v2_access_complexity", None
|
|
378
|
+
)
|
|
379
|
+
x_opencti_cvss_v2_authentication = kwargs.get(
|
|
380
|
+
"x_opencti_cvss_v2_authentication", None
|
|
381
|
+
)
|
|
382
|
+
x_opencti_cvss_v2_confidentiality_impact = kwargs.get(
|
|
383
|
+
"x_opencti_cvss_v2_confidentiality_impact", None
|
|
384
|
+
)
|
|
385
|
+
x_opencti_cvss_v2_integrity_impact = kwargs.get(
|
|
386
|
+
"x_opencti_cvss_v2_integrity_impact", None
|
|
387
|
+
)
|
|
388
|
+
x_opencti_cvss_v2_availability_impact = kwargs.get(
|
|
389
|
+
"x_opencti_cvss_v2_availability_impact", None
|
|
390
|
+
)
|
|
391
|
+
x_opencti_cvss_v2_exploitability = kwargs.get(
|
|
392
|
+
"x_opencti_cvss_v2_exploitability", None
|
|
393
|
+
)
|
|
394
|
+
x_opencti_cvss_v2_remediation_level = kwargs.get(
|
|
395
|
+
"x_opencti_cvss_v2_remediation_level", None
|
|
396
|
+
)
|
|
397
|
+
x_opencti_cvss_v2_report_confidence = kwargs.get(
|
|
398
|
+
"x_opencti_cvss_v2_report_confidence", None
|
|
399
|
+
)
|
|
400
|
+
x_opencti_cvss_v2_temporal_score = kwargs.get(
|
|
401
|
+
"x_opencti_cvss_v2_temporal_score", None
|
|
402
|
+
)
|
|
403
|
+
# CVSS4
|
|
404
|
+
x_opencti_cvss_v4_vector = kwargs.get("x_opencti_cvss_v4_vector", None)
|
|
405
|
+
x_opencti_cvss_v4_base_score = kwargs.get("x_opencti_cvss_v4_base_score", None)
|
|
406
|
+
x_opencti_cvss_v4_base_severity = kwargs.get(
|
|
407
|
+
"x_opencti_cvss_v4_base_severity", None
|
|
408
|
+
)
|
|
409
|
+
x_opencti_cvss_v4_attack_vector = kwargs.get(
|
|
410
|
+
"x_opencti_cvss_v4_attack_vector", None
|
|
411
|
+
)
|
|
412
|
+
x_opencti_cvss_v4_attack_complexity = kwargs.get(
|
|
413
|
+
"x_opencti_cvss_v4_attack_complexity", None
|
|
414
|
+
)
|
|
415
|
+
x_opencti_cvss_v4_attack_requirements = kwargs.get(
|
|
416
|
+
"x_opencti_cvss_v4_attack_requirements", None
|
|
417
|
+
)
|
|
418
|
+
x_opencti_cvss_v4_privileges_required = kwargs.get(
|
|
419
|
+
"x_opencti_cvss_v4_privileges_required", None
|
|
420
|
+
)
|
|
421
|
+
x_opencti_cvss_v4_user_interaction = kwargs.get(
|
|
422
|
+
"x_opencti_cvss_v4_user_interaction", None
|
|
310
423
|
)
|
|
424
|
+
x_opencti_cvss_v4_confidentiality_impact_v = kwargs.get(
|
|
425
|
+
"x_opencti_cvss_v4_confidentiality_impact_v", None
|
|
426
|
+
)
|
|
427
|
+
x_opencti_cvss_v4_confidentiality_impact_s = kwargs.get(
|
|
428
|
+
"x_opencti_cvss_v4_confidentiality_impact_s", None
|
|
429
|
+
)
|
|
430
|
+
x_opencti_cvss_v4_integrity_impact_v = kwargs.get(
|
|
431
|
+
"x_opencti_cvss_v4_integrity_impact_v", None
|
|
432
|
+
)
|
|
433
|
+
x_opencti_cvss_v4_integrity_impact_s = kwargs.get(
|
|
434
|
+
"x_opencti_cvss_v4_integrity_impact_s", None
|
|
435
|
+
)
|
|
436
|
+
x_opencti_cvss_v4_availability_impact_v = kwargs.get(
|
|
437
|
+
"x_opencti_cvss_v4_availability_impact_v", None
|
|
438
|
+
)
|
|
439
|
+
x_opencti_cvss_v4_availability_impact_s = kwargs.get(
|
|
440
|
+
"x_opencti_cvss_v4_availability_impact_s", None
|
|
441
|
+
)
|
|
442
|
+
x_opencti_cvss_v4_exploit_maturity = kwargs.get(
|
|
443
|
+
"x_opencti_cvss_v4_exploit_maturity", None
|
|
444
|
+
)
|
|
445
|
+
# Others
|
|
446
|
+
x_opencti_cwe = kwargs.get("x_opencti_cwe", None)
|
|
447
|
+
x_opencti_cisa_kev = kwargs.get("x_opencti_cisa_kev", None)
|
|
448
|
+
x_opencti_epss_score = kwargs.get("x_opencti_epss_score", None)
|
|
449
|
+
x_opencti_epss_percentile = kwargs.get("x_opencti_epss_percentile", None)
|
|
450
|
+
x_opencti_score = kwargs.get("x_opencti_score", None)
|
|
311
451
|
x_opencti_stix_ids = kwargs.get("x_opencti_stix_ids", None)
|
|
312
452
|
granted_refs = kwargs.get("objectOrganization", None)
|
|
313
453
|
x_opencti_workflow_id = kwargs.get("x_opencti_workflow_id", None)
|
|
@@ -343,15 +483,57 @@ class Vulnerability:
|
|
|
343
483
|
"name": name,
|
|
344
484
|
"description": description,
|
|
345
485
|
"x_opencti_aliases": x_opencti_aliases,
|
|
486
|
+
# CVSS3
|
|
487
|
+
"x_opencti_cvss_vector": x_opencti_cvss_vector,
|
|
346
488
|
"x_opencti_cvss_base_score": x_opencti_cvss_base_score,
|
|
347
489
|
"x_opencti_cvss_base_severity": x_opencti_cvss_base_severity,
|
|
348
490
|
"x_opencti_cvss_attack_vector": x_opencti_cvss_attack_vector,
|
|
491
|
+
"x_opencti_cvss_attack_complexity": x_opencti_cvss_attack_complexity,
|
|
492
|
+
"x_opencti_cvss_privileges_required": x_opencti_cvss_privileges_required,
|
|
493
|
+
"x_opencti_cvss_user_interaction": x_opencti_cvss_user_interaction,
|
|
494
|
+
"x_opencti_cvss_scope": x_opencti_cvss_scope,
|
|
495
|
+
"x_opencti_cvss_confidentiality_impact": x_opencti_cvss_confidentiality_impact,
|
|
349
496
|
"x_opencti_cvss_integrity_impact": x_opencti_cvss_integrity_impact,
|
|
350
497
|
"x_opencti_cvss_availability_impact": x_opencti_cvss_availability_impact,
|
|
351
|
-
"
|
|
498
|
+
"x_opencti_cvss_exploit_code_maturity": x_opencti_cvss_exploit_code_maturity,
|
|
499
|
+
"x_opencti_cvss_remediation_level": x_opencti_cvss_remediation_level,
|
|
500
|
+
"x_opencti_cvss_report_confidence": x_opencti_cvss_report_confidence,
|
|
501
|
+
"x_opencti_cvss_temporal_score": x_opencti_cvss_temporal_score,
|
|
502
|
+
# CVSS2
|
|
503
|
+
"x_opencti_cvss_v2_vector": x_opencti_cvss_v2_vector,
|
|
504
|
+
"x_opencti_cvss_v2_base_score": x_opencti_cvss_v2_base_score,
|
|
505
|
+
"x_opencti_cvss_v2_access_vector": x_opencti_cvss_v2_access_vector,
|
|
506
|
+
"x_opencti_cvss_v2_access_complexity": x_opencti_cvss_v2_access_complexity,
|
|
507
|
+
"x_opencti_cvss_v2_authentication": x_opencti_cvss_v2_authentication,
|
|
508
|
+
"x_opencti_cvss_v2_confidentiality_impact": x_opencti_cvss_v2_confidentiality_impact,
|
|
509
|
+
"x_opencti_cvss_v2_integrity_impact": x_opencti_cvss_v2_integrity_impact,
|
|
510
|
+
"x_opencti_cvss_v2_availability_impact": x_opencti_cvss_v2_availability_impact,
|
|
511
|
+
"x_opencti_cvss_v2_exploitability": x_opencti_cvss_v2_exploitability,
|
|
512
|
+
"x_opencti_cvss_v2_remediation_level": x_opencti_cvss_v2_remediation_level,
|
|
513
|
+
"x_opencti_cvss_v2_report_confidence": x_opencti_cvss_v2_report_confidence,
|
|
514
|
+
"x_opencti_cvss_v2_temporal_score": x_opencti_cvss_v2_temporal_score,
|
|
515
|
+
# CVSS 4
|
|
516
|
+
"x_opencti_cvss_v4_vector": x_opencti_cvss_v4_vector,
|
|
517
|
+
"x_opencti_cvss_v4_base_score": x_opencti_cvss_v4_base_score,
|
|
518
|
+
"x_opencti_cvss_v4_base_severity": x_opencti_cvss_v4_base_severity,
|
|
519
|
+
"x_opencti_cvss_v4_attack_vector": x_opencti_cvss_v4_attack_vector,
|
|
520
|
+
"x_opencti_cvss_v4_attack_complexity": x_opencti_cvss_v4_attack_complexity,
|
|
521
|
+
"x_opencti_cvss_v4_attack_requirements": x_opencti_cvss_v4_attack_requirements,
|
|
522
|
+
"x_opencti_cvss_v4_privileges_required": x_opencti_cvss_v4_privileges_required,
|
|
523
|
+
"x_opencti_cvss_v4_user_interaction": x_opencti_cvss_v4_user_interaction,
|
|
524
|
+
"x_opencti_cvss_v4_confidentiality_impact_v": x_opencti_cvss_v4_confidentiality_impact_v,
|
|
525
|
+
"x_opencti_cvss_v4_confidentiality_impact_s": x_opencti_cvss_v4_confidentiality_impact_s,
|
|
526
|
+
"x_opencti_cvss_v4_integrity_impact_v": x_opencti_cvss_v4_integrity_impact_v,
|
|
527
|
+
"x_opencti_cvss_v4_integrity_impact_s": x_opencti_cvss_v4_integrity_impact_s,
|
|
528
|
+
"x_opencti_cvss_v4_availability_impact_v": x_opencti_cvss_v4_availability_impact_v,
|
|
529
|
+
"x_opencti_cvss_v4_availability_impact_s": x_opencti_cvss_v4_availability_impact_s,
|
|
530
|
+
"x_opencti_cvss_v4_exploit_maturity": x_opencti_cvss_v4_exploit_maturity,
|
|
531
|
+
# Others
|
|
532
|
+
"x_opencti_cwe": x_opencti_cwe,
|
|
352
533
|
"x_opencti_cisa_kev": x_opencti_cisa_kev,
|
|
353
534
|
"x_opencti_epss_score": x_opencti_epss_score,
|
|
354
535
|
"x_opencti_epss_percentile": x_opencti_epss_percentile,
|
|
536
|
+
"x_opencti_score": x_opencti_score,
|
|
355
537
|
"x_opencti_stix_ids": x_opencti_stix_ids,
|
|
356
538
|
"x_opencti_workflow_id": x_opencti_workflow_id,
|
|
357
539
|
"update": update,
|
|
@@ -410,51 +592,258 @@ class Vulnerability:
|
|
|
410
592
|
stix_object["x_opencti_aliases"] = (
|
|
411
593
|
self.opencti.get_attribute_in_extension("aliases", stix_object)
|
|
412
594
|
)
|
|
595
|
+
# CVSS3
|
|
596
|
+
if "x_opencti_cvss_vector" not in stix_object:
|
|
597
|
+
stix_object["x_opencti_cvss_vector"] = (
|
|
598
|
+
self.opencti.get_attribute_in_extension("cvss_vector", stix_object)
|
|
599
|
+
)
|
|
413
600
|
if "x_opencti_cvss_base_score" not in stix_object:
|
|
414
601
|
stix_object["x_opencti_cvss_base_score"] = (
|
|
415
|
-
self.opencti.get_attribute_in_extension(
|
|
602
|
+
self.opencti.get_attribute_in_extension(
|
|
603
|
+
"cvss_base_score", stix_object
|
|
604
|
+
)
|
|
416
605
|
)
|
|
417
606
|
if "x_opencti_cvss_base_severity" not in stix_object:
|
|
418
607
|
stix_object["x_opencti_cvss_base_severity"] = (
|
|
419
608
|
self.opencti.get_attribute_in_extension(
|
|
420
|
-
"
|
|
609
|
+
"cvss_base_severity", stix_object
|
|
421
610
|
)
|
|
422
611
|
)
|
|
423
612
|
if "x_opencti_cvss_attack_vector" not in stix_object:
|
|
424
613
|
stix_object["x_opencti_cvss_attack_vector"] = (
|
|
425
614
|
self.opencti.get_attribute_in_extension(
|
|
426
|
-
"
|
|
615
|
+
"cvss_attack_vector", stix_object
|
|
616
|
+
)
|
|
617
|
+
)
|
|
618
|
+
if "x_opencti_cvss_attack_complexity" not in stix_object:
|
|
619
|
+
stix_object["x_opencti_cvss_attack_complexity"] = (
|
|
620
|
+
self.opencti.get_attribute_in_extension(
|
|
621
|
+
"cvss_attack_complexity", stix_object
|
|
622
|
+
)
|
|
623
|
+
)
|
|
624
|
+
if "x_opencti_cvss_privileges_required" not in stix_object:
|
|
625
|
+
stix_object["x_opencti_cvss_privileges_required"] = (
|
|
626
|
+
self.opencti.get_attribute_in_extension(
|
|
627
|
+
"cvss_privileges_required", stix_object
|
|
628
|
+
)
|
|
629
|
+
)
|
|
630
|
+
if "x_opencti_cvss_user_interaction" not in stix_object:
|
|
631
|
+
stix_object["x_opencti_cvss_user_interaction"] = (
|
|
632
|
+
self.opencti.get_attribute_in_extension(
|
|
633
|
+
"cvss_user_interaction", stix_object
|
|
634
|
+
)
|
|
635
|
+
)
|
|
636
|
+
if "x_opencti_cvss_scope" not in stix_object:
|
|
637
|
+
stix_object["x_opencti_cvss_scope"] = (
|
|
638
|
+
self.opencti.get_attribute_in_extension("cvss_scope", stix_object)
|
|
639
|
+
)
|
|
640
|
+
if "x_opencti_cvss_confidentiality_impact" not in stix_object:
|
|
641
|
+
stix_object["x_opencti_cvss_confidentiality_impact"] = (
|
|
642
|
+
self.opencti.get_attribute_in_extension(
|
|
643
|
+
"cvss_confidentiality_impact", stix_object
|
|
427
644
|
)
|
|
428
645
|
)
|
|
429
646
|
if "x_opencti_cvss_integrity_impact" not in stix_object:
|
|
430
647
|
stix_object["x_opencti_cvss_integrity_impact"] = (
|
|
431
648
|
self.opencti.get_attribute_in_extension(
|
|
432
|
-
"
|
|
649
|
+
"cvss_integrity_impact", stix_object
|
|
433
650
|
)
|
|
434
651
|
)
|
|
435
652
|
if "x_opencti_cvss_availability_impact" not in stix_object:
|
|
436
653
|
stix_object["x_opencti_cvss_availability_impact"] = (
|
|
437
654
|
self.opencti.get_attribute_in_extension(
|
|
438
|
-
"
|
|
655
|
+
"cvss_availability_impact", stix_object
|
|
439
656
|
)
|
|
440
657
|
)
|
|
441
|
-
if "
|
|
442
|
-
stix_object["
|
|
658
|
+
if "x_opencti_cvss_exploit_code_maturity" not in stix_object:
|
|
659
|
+
stix_object["x_opencti_cvss_exploit_code_maturity"] = (
|
|
443
660
|
self.opencti.get_attribute_in_extension(
|
|
444
|
-
"
|
|
661
|
+
"cvss_exploit_code_maturity", stix_object
|
|
445
662
|
)
|
|
446
663
|
)
|
|
447
|
-
if "
|
|
448
|
-
stix_object["
|
|
449
|
-
self.opencti.get_attribute_in_extension(
|
|
664
|
+
if "x_opencti_cvss_remediation_level" not in stix_object:
|
|
665
|
+
stix_object["x_opencti_cvss_remediation_level"] = (
|
|
666
|
+
self.opencti.get_attribute_in_extension(
|
|
667
|
+
"cvss_remediation_level", stix_object
|
|
668
|
+
)
|
|
669
|
+
)
|
|
670
|
+
if "x_opencti_cvss_report_confidence" not in stix_object:
|
|
671
|
+
stix_object["x_opencti_cvss_report_confidence"] = (
|
|
672
|
+
self.opencti.get_attribute_in_extension(
|
|
673
|
+
"cvss_report_confidence", stix_object
|
|
674
|
+
)
|
|
675
|
+
)
|
|
676
|
+
if "x_opencti_cvss_temporal_score" not in stix_object:
|
|
677
|
+
stix_object["x_opencti_cvss_temporal_score"] = (
|
|
678
|
+
self.opencti.get_attribute_in_extension(
|
|
679
|
+
"cvss_temporal_score", stix_object
|
|
680
|
+
)
|
|
681
|
+
)
|
|
682
|
+
|
|
683
|
+
# CVSS2
|
|
684
|
+
if "x_opencti_cvss_v2_vector" not in stix_object:
|
|
685
|
+
stix_object["x_opencti_cvss_v2_vector"] = (
|
|
686
|
+
self.opencti.get_attribute_in_extension(
|
|
687
|
+
"cvss_v2_vector", stix_object
|
|
688
|
+
)
|
|
689
|
+
)
|
|
690
|
+
if "x_opencti_cvss_v2_base_score" not in stix_object:
|
|
691
|
+
stix_object["x_opencti_cvss_v2_base_score"] = (
|
|
692
|
+
self.opencti.get_attribute_in_extension(
|
|
693
|
+
"cvss_v2_base_score", stix_object
|
|
694
|
+
)
|
|
695
|
+
)
|
|
696
|
+
if "x_opencti_cvss_v2_access_vector" not in stix_object:
|
|
697
|
+
stix_object["x_opencti_cvss_v2_access_vector"] = (
|
|
698
|
+
self.opencti.get_attribute_in_extension(
|
|
699
|
+
"cvss_v2_access_vector", stix_object
|
|
700
|
+
)
|
|
701
|
+
)
|
|
702
|
+
if "x_opencti_cvss_v2_access_complexity" not in stix_object:
|
|
703
|
+
stix_object["x_opencti_cvss_v2_access_complexity"] = (
|
|
704
|
+
self.opencti.get_attribute_in_extension(
|
|
705
|
+
"cvss_v2_access_complexity", stix_object
|
|
706
|
+
)
|
|
707
|
+
)
|
|
708
|
+
if "x_opencti_cvss_v2_authentication" not in stix_object:
|
|
709
|
+
stix_object["x_opencti_cvss_v2_authentication"] = (
|
|
710
|
+
self.opencti.get_attribute_in_extension(
|
|
711
|
+
"cvss_v2_authentication", stix_object
|
|
712
|
+
)
|
|
450
713
|
)
|
|
451
|
-
if "
|
|
452
|
-
stix_object["
|
|
453
|
-
self.opencti.get_attribute_in_extension(
|
|
714
|
+
if "x_opencti_cvss_v2_confidentiality_impact" not in stix_object:
|
|
715
|
+
stix_object["x_opencti_cvss_v2_confidentiality_impact"] = (
|
|
716
|
+
self.opencti.get_attribute_in_extension(
|
|
717
|
+
"cvss_v2_confidentiality_impact", stix_object
|
|
718
|
+
)
|
|
719
|
+
)
|
|
720
|
+
if "x_opencti_cvss_v2_integrity_impact" not in stix_object:
|
|
721
|
+
stix_object["x_opencti_cvss_v2_integrity_impact"] = (
|
|
722
|
+
self.opencti.get_attribute_in_extension(
|
|
723
|
+
"cvss_v2_integrity_impact", stix_object
|
|
724
|
+
)
|
|
454
725
|
)
|
|
455
|
-
if "
|
|
456
|
-
stix_object["
|
|
457
|
-
self.opencti.get_attribute_in_extension(
|
|
726
|
+
if "x_opencti_cvss_v2_availability_impact" not in stix_object:
|
|
727
|
+
stix_object["x_opencti_cvss_v2_availability_impact"] = (
|
|
728
|
+
self.opencti.get_attribute_in_extension(
|
|
729
|
+
"cvss_v2_availability_impact", stix_object
|
|
730
|
+
)
|
|
731
|
+
)
|
|
732
|
+
if "x_opencti_cvss_v2_exploitability" not in stix_object:
|
|
733
|
+
stix_object["x_opencti_cvss_v2_exploitability"] = (
|
|
734
|
+
self.opencti.get_attribute_in_extension(
|
|
735
|
+
"cvss_v2_exploitability", stix_object
|
|
736
|
+
)
|
|
737
|
+
)
|
|
738
|
+
if "x_opencti_cvss_v2_remediation_level" not in stix_object:
|
|
739
|
+
stix_object["x_opencti_cvss_v2_remediation_level"] = (
|
|
740
|
+
self.opencti.get_attribute_in_extension(
|
|
741
|
+
"cvss_v2_remediation_level", stix_object
|
|
742
|
+
)
|
|
743
|
+
)
|
|
744
|
+
if "x_opencti_cvss_v2_report_confidence" not in stix_object:
|
|
745
|
+
stix_object["x_opencti_cvss_v2_report_confidence"] = (
|
|
746
|
+
self.opencti.get_attribute_in_extension(
|
|
747
|
+
"cvss_v2_report_confidence", stix_object
|
|
748
|
+
)
|
|
749
|
+
)
|
|
750
|
+
if "x_opencti_cvss_v2_temporal_score" not in stix_object:
|
|
751
|
+
stix_object["x_opencti_cvss_v2_temporal_score"] = (
|
|
752
|
+
self.opencti.get_attribute_in_extension(
|
|
753
|
+
"cvss_v2_temporal_score", stix_object
|
|
754
|
+
)
|
|
755
|
+
)
|
|
756
|
+
|
|
757
|
+
# CVSS4
|
|
758
|
+
if "x_opencti_cvss_v4_vector" not in stix_object:
|
|
759
|
+
stix_object["x_opencti_cvss_v4_vector"] = (
|
|
760
|
+
self.opencti.get_attribute_in_extension(
|
|
761
|
+
"cvss_v4_vector", stix_object
|
|
762
|
+
)
|
|
763
|
+
)
|
|
764
|
+
if "x_opencti_cvss_v4_base_score" not in stix_object:
|
|
765
|
+
stix_object["x_opencti_cvss_v4_base_score"] = (
|
|
766
|
+
self.opencti.get_attribute_in_extension(
|
|
767
|
+
"cvss_v4_base_score", stix_object
|
|
768
|
+
)
|
|
769
|
+
)
|
|
770
|
+
if "x_opencti_cvss_v4_base_severity" not in stix_object:
|
|
771
|
+
stix_object["x_opencti_cvss_v4_base_severity"] = (
|
|
772
|
+
self.opencti.get_attribute_in_extension(
|
|
773
|
+
"cvss_v4_base_severity", stix_object
|
|
774
|
+
)
|
|
775
|
+
)
|
|
776
|
+
if "x_opencti_cvss_v4_attack_vector" not in stix_object:
|
|
777
|
+
stix_object["x_opencti_cvss_v4_attack_vector"] = (
|
|
778
|
+
self.opencti.get_attribute_in_extension(
|
|
779
|
+
"cvss_v4_attack_vector", stix_object
|
|
780
|
+
)
|
|
781
|
+
)
|
|
782
|
+
if "x_opencti_cvss_v4_attack_complexity" not in stix_object:
|
|
783
|
+
stix_object["x_opencti_cvss_v4_attack_complexity"] = (
|
|
784
|
+
self.opencti.get_attribute_in_extension(
|
|
785
|
+
"cvss_v4_attack_complexity", stix_object
|
|
786
|
+
)
|
|
787
|
+
)
|
|
788
|
+
if "x_opencti_cvss_v4_attack_requirements" not in stix_object:
|
|
789
|
+
stix_object["x_opencti_cvss_v4_attack_requirements"] = (
|
|
790
|
+
self.opencti.get_attribute_in_extension(
|
|
791
|
+
"cvss_v4_attack_requirements", stix_object
|
|
792
|
+
)
|
|
793
|
+
)
|
|
794
|
+
if "x_opencti_cvss_v4_privileges_required" not in stix_object:
|
|
795
|
+
stix_object["x_opencti_cvss_v4_privileges_required"] = (
|
|
796
|
+
self.opencti.get_attribute_in_extension(
|
|
797
|
+
"cvss_v4_privileges_required", stix_object
|
|
798
|
+
)
|
|
799
|
+
)
|
|
800
|
+
if "x_opencti_cvss_v4_user_interaction" not in stix_object:
|
|
801
|
+
stix_object["x_opencti_cvss_v4_user_interaction"] = (
|
|
802
|
+
self.opencti.get_attribute_in_extension(
|
|
803
|
+
"cvss_v4_user_interaction", stix_object
|
|
804
|
+
)
|
|
805
|
+
)
|
|
806
|
+
if "x_opencti_cvss_v4_confidentiality_impact_v" not in stix_object:
|
|
807
|
+
stix_object["x_opencti_cvss_v4_confidentiality_impact_v"] = (
|
|
808
|
+
self.opencti.get_attribute_in_extension(
|
|
809
|
+
"cvss_v4_confidentiality_impact_v", stix_object
|
|
810
|
+
)
|
|
811
|
+
)
|
|
812
|
+
if "x_opencti_cvss_v4_confidentiality_impact_s" not in stix_object:
|
|
813
|
+
stix_object["x_opencti_cvss_v4_confidentiality_impact_s"] = (
|
|
814
|
+
self.opencti.get_attribute_in_extension(
|
|
815
|
+
"cvss_v4_confidentiality_impact_s", stix_object
|
|
816
|
+
)
|
|
817
|
+
)
|
|
818
|
+
if "x_opencti_cvss_v4_integrity_impact_v" not in stix_object:
|
|
819
|
+
stix_object["x_opencti_cvss_v4_integrity_impact_v"] = (
|
|
820
|
+
self.opencti.get_attribute_in_extension(
|
|
821
|
+
"cvss_v4_integrity_impact_v", stix_object
|
|
822
|
+
)
|
|
823
|
+
)
|
|
824
|
+
if "x_opencti_cvss_v4_integrity_impact_s" not in stix_object:
|
|
825
|
+
stix_object["x_opencti_cvss_v4_integrity_impact_s"] = (
|
|
826
|
+
self.opencti.get_attribute_in_extension(
|
|
827
|
+
"cvss_v4_integrity_impact_s", stix_object
|
|
828
|
+
)
|
|
829
|
+
)
|
|
830
|
+
if "x_opencti_cvss_v4_availability_impact_v" not in stix_object:
|
|
831
|
+
stix_object["x_opencti_cvss_v4_availability_impact_v"] = (
|
|
832
|
+
self.opencti.get_attribute_in_extension(
|
|
833
|
+
"cvss_v4_availability_impact_v", stix_object
|
|
834
|
+
)
|
|
835
|
+
)
|
|
836
|
+
if "x_opencti_cvss_v4_exploit_maturity" not in stix_object:
|
|
837
|
+
stix_object["x_opencti_cvss_v4_exploit_maturity"] = (
|
|
838
|
+
self.opencti.get_attribute_in_extension(
|
|
839
|
+
"cvss_v4_exploit_maturity", stix_object
|
|
840
|
+
)
|
|
841
|
+
)
|
|
842
|
+
|
|
843
|
+
# Others
|
|
844
|
+
if "x_opencti_cwe" not in stix_object:
|
|
845
|
+
stix_object["x_opencti_cwe"] = self.opencti.get_attribute_in_extension(
|
|
846
|
+
"cwe", stix_object
|
|
458
847
|
)
|
|
459
848
|
if "x_opencti_cisa_kev" not in stix_object:
|
|
460
849
|
stix_object["x_opencti_cisa_kev"] = (
|
|
@@ -470,6 +859,10 @@ class Vulnerability:
|
|
|
470
859
|
"epss_percentile", stix_object
|
|
471
860
|
)
|
|
472
861
|
)
|
|
862
|
+
if "x_opencti_score" not in stix_object:
|
|
863
|
+
stix_object["x_opencti_score"] = (
|
|
864
|
+
self.opencti.get_attribute_in_extension("score", stix_object)
|
|
865
|
+
)
|
|
473
866
|
|
|
474
867
|
return self.create(
|
|
475
868
|
stix_id=stix_object["id"],
|
|
@@ -507,6 +900,27 @@ class Vulnerability:
|
|
|
507
900
|
if "x_opencti_aliases" in stix_object
|
|
508
901
|
else None
|
|
509
902
|
),
|
|
903
|
+
x_opencti_stix_ids=(
|
|
904
|
+
stix_object["x_opencti_stix_ids"]
|
|
905
|
+
if "x_opencti_stix_ids" in stix_object
|
|
906
|
+
else None
|
|
907
|
+
),
|
|
908
|
+
objectOrganization=(
|
|
909
|
+
stix_object["x_opencti_granted_refs"]
|
|
910
|
+
if "x_opencti_granted_refs" in stix_object
|
|
911
|
+
else None
|
|
912
|
+
),
|
|
913
|
+
x_opencti_workflow_id=(
|
|
914
|
+
stix_object["x_opencti_workflow_id"]
|
|
915
|
+
if "x_opencti_workflow_id" in stix_object
|
|
916
|
+
else None
|
|
917
|
+
),
|
|
918
|
+
# CVSS3
|
|
919
|
+
x_opencti_cvss_vector=(
|
|
920
|
+
stix_object["x_opencti_cvss_vector"]
|
|
921
|
+
if "x_opencti_cvss_vector" in stix_object
|
|
922
|
+
else None
|
|
923
|
+
),
|
|
510
924
|
x_opencti_cvss_base_score=(
|
|
511
925
|
stix_object["x_opencti_cvss_base_score"]
|
|
512
926
|
if "x_opencti_cvss_base_score" in stix_object
|
|
@@ -522,6 +936,31 @@ class Vulnerability:
|
|
|
522
936
|
if "x_opencti_cvss_attack_vector" in stix_object
|
|
523
937
|
else None
|
|
524
938
|
),
|
|
939
|
+
x_opencti_cvss_attack_complexity=(
|
|
940
|
+
stix_object["x_opencti_cvss_attack_complexity"]
|
|
941
|
+
if "x_opencti_cvss_attack_complexity" in stix_object
|
|
942
|
+
else None
|
|
943
|
+
),
|
|
944
|
+
x_opencti_cvss_privileges_required=(
|
|
945
|
+
stix_object["x_opencti_cvss_privileges_required"]
|
|
946
|
+
if "x_opencti_cvss_privileges_required" in stix_object
|
|
947
|
+
else None
|
|
948
|
+
),
|
|
949
|
+
x_opencti_cvss_user_interaction=(
|
|
950
|
+
stix_object["x_opencti_cvss_user_interaction"]
|
|
951
|
+
if "x_opencti_cvss_user_interaction" in stix_object
|
|
952
|
+
else None
|
|
953
|
+
),
|
|
954
|
+
x_opencti_cvss_scope=(
|
|
955
|
+
stix_object["x_opencti_cvss_scope"]
|
|
956
|
+
if "x_opencti_cvss_scope" in stix_object
|
|
957
|
+
else None
|
|
958
|
+
),
|
|
959
|
+
x_opencti_cvss_confidentiality_impact=(
|
|
960
|
+
stix_object["x_opencti_cvss_confidentiality_impact"]
|
|
961
|
+
if "x_opencti_cvss_confidentiality_impact" in stix_object
|
|
962
|
+
else None
|
|
963
|
+
),
|
|
525
964
|
x_opencti_cvss_integrity_impact=(
|
|
526
965
|
stix_object["x_opencti_cvss_integrity_impact"]
|
|
527
966
|
if "x_opencti_cvss_integrity_impact" in stix_object
|
|
@@ -532,24 +971,167 @@ class Vulnerability:
|
|
|
532
971
|
if "x_opencti_cvss_availability_impact" in stix_object
|
|
533
972
|
else None
|
|
534
973
|
),
|
|
535
|
-
|
|
536
|
-
stix_object["
|
|
537
|
-
if "
|
|
974
|
+
x_opencti_cvss_exploit_code_maturity=(
|
|
975
|
+
stix_object["x_opencti_cvss_exploit_code_maturity"]
|
|
976
|
+
if "x_opencti_cvss_exploit_code_maturity" in stix_object
|
|
538
977
|
else None
|
|
539
978
|
),
|
|
540
|
-
|
|
541
|
-
stix_object["
|
|
542
|
-
if "
|
|
979
|
+
x_opencti_cvss_remediation_level=(
|
|
980
|
+
stix_object["x_opencti_cvss_remediation_level"]
|
|
981
|
+
if "x_opencti_cvss_remediation_level" in stix_object
|
|
543
982
|
else None
|
|
544
983
|
),
|
|
545
|
-
|
|
546
|
-
stix_object["
|
|
547
|
-
if "
|
|
984
|
+
x_opencti_cvss_report_confidence=(
|
|
985
|
+
stix_object["x_opencti_cvss_report_confidence"]
|
|
986
|
+
if "x_opencti_cvss_report_confidence" in stix_object
|
|
548
987
|
else None
|
|
549
988
|
),
|
|
550
|
-
|
|
551
|
-
stix_object["
|
|
552
|
-
if "
|
|
989
|
+
x_opencti_cvss_temporal_score=(
|
|
990
|
+
stix_object["x_opencti_cvss_temporal_score"]
|
|
991
|
+
if "x_opencti_cvss_temporal_score" in stix_object
|
|
992
|
+
else None
|
|
993
|
+
),
|
|
994
|
+
# CVSS2
|
|
995
|
+
x_opencti_cvss_v2_vector=(
|
|
996
|
+
stix_object["x_opencti_cvss_v2_vector"]
|
|
997
|
+
if "x_opencti_cvss_v2_vector" in stix_object
|
|
998
|
+
else None
|
|
999
|
+
),
|
|
1000
|
+
x_opencti_cvss_v2_base_score=(
|
|
1001
|
+
stix_object["x_opencti_cvss_v2_base_score"]
|
|
1002
|
+
if "x_opencti_cvss_v2_base_score" in stix_object
|
|
1003
|
+
else None
|
|
1004
|
+
),
|
|
1005
|
+
x_opencti_cvss_v2_access_vector=(
|
|
1006
|
+
stix_object["x_opencti_cvss_v2_access_vector"]
|
|
1007
|
+
if "x_opencti_cvss_v2_access_vector" in stix_object
|
|
1008
|
+
else None
|
|
1009
|
+
),
|
|
1010
|
+
x_opencti_cvss_v2_access_complexity=(
|
|
1011
|
+
stix_object["x_opencti_cvss_v2_access_complexity"]
|
|
1012
|
+
if "x_opencti_cvss_v2_access_complexity" in stix_object
|
|
1013
|
+
else None
|
|
1014
|
+
),
|
|
1015
|
+
x_opencti_cvss_v2_authentication=(
|
|
1016
|
+
stix_object["x_opencti_cvss_v2_authentication"]
|
|
1017
|
+
if "x_opencti_cvss_v2_authentication" in stix_object
|
|
1018
|
+
else None
|
|
1019
|
+
),
|
|
1020
|
+
x_opencti_cvss_v2_confidentiality_impact=(
|
|
1021
|
+
stix_object["x_opencti_cvss_v2_confidentiality_impact"]
|
|
1022
|
+
if "x_opencti_cvss_v2_confidentiality_impact" in stix_object
|
|
1023
|
+
else None
|
|
1024
|
+
),
|
|
1025
|
+
x_opencti_cvss_v2_integrity_impact=(
|
|
1026
|
+
stix_object["x_opencti_cvss_v2_integrity_impact"]
|
|
1027
|
+
if "x_opencti_cvss_v2_integrity_impact" in stix_object
|
|
1028
|
+
else None
|
|
1029
|
+
),
|
|
1030
|
+
x_opencti_cvss_v2_availability_impact=(
|
|
1031
|
+
stix_object["x_opencti_cvss_v2_availability_impact"]
|
|
1032
|
+
if "x_opencti_cvss_v2_availability_impact" in stix_object
|
|
1033
|
+
else None
|
|
1034
|
+
),
|
|
1035
|
+
x_opencti_cvss_v2_exploitability=(
|
|
1036
|
+
stix_object["x_opencti_cvss_v2_exploitability"]
|
|
1037
|
+
if "x_opencti_cvss_v2_exploitability" in stix_object
|
|
1038
|
+
else None
|
|
1039
|
+
),
|
|
1040
|
+
x_opencti_cvss_v2_remediation_level=(
|
|
1041
|
+
stix_object["x_opencti_cvss_v2_remediation_level"]
|
|
1042
|
+
if "x_opencti_cvss_v2_remediation_level" in stix_object
|
|
1043
|
+
else None
|
|
1044
|
+
),
|
|
1045
|
+
x_opencti_cvss_v2_report_confidence=(
|
|
1046
|
+
stix_object["x_opencti_cvss_v2_report_confidence"]
|
|
1047
|
+
if "x_opencti_cvss_v2_report_confidence" in stix_object
|
|
1048
|
+
else None
|
|
1049
|
+
),
|
|
1050
|
+
x_opencti_cvss_v2_temporal_score=(
|
|
1051
|
+
stix_object["x_opencti_cvss_v2_temporal_score"]
|
|
1052
|
+
if "x_opencti_cvss_v2_temporal_score" in stix_object
|
|
1053
|
+
else None
|
|
1054
|
+
),
|
|
1055
|
+
# CVSS4
|
|
1056
|
+
x_opencti_cvss_v4_vector=(
|
|
1057
|
+
stix_object["x_opencti_cvss_v4_vector"]
|
|
1058
|
+
if "x_opencti_cvss_v4_vector" in stix_object
|
|
1059
|
+
else None
|
|
1060
|
+
),
|
|
1061
|
+
x_opencti_cvss_v4_base_score=(
|
|
1062
|
+
stix_object["x_opencti_cvss_v4_base_score"]
|
|
1063
|
+
if "x_opencti_cvss_v4_base_score" in stix_object
|
|
1064
|
+
else None
|
|
1065
|
+
),
|
|
1066
|
+
x_opencti_cvss_v4_base_severity=(
|
|
1067
|
+
stix_object["x_opencti_cvss_v4_base_severity"]
|
|
1068
|
+
if "x_opencti_cvss_v4_base_severity" in stix_object
|
|
1069
|
+
else None
|
|
1070
|
+
),
|
|
1071
|
+
x_opencti_cvss_v4_attack_vector=(
|
|
1072
|
+
stix_object["x_opencti_cvss_v4_attack_vector"]
|
|
1073
|
+
if "x_opencti_cvss_v4_attack_vector" in stix_object
|
|
1074
|
+
else None
|
|
1075
|
+
),
|
|
1076
|
+
x_opencti_cvss_v4_attack_complexity=(
|
|
1077
|
+
stix_object["x_opencti_cvss_v4_attack_complexity"]
|
|
1078
|
+
if "x_opencti_cvss_v4_attack_complexity" in stix_object
|
|
1079
|
+
else None
|
|
1080
|
+
),
|
|
1081
|
+
x_opencti_cvss_v4_attack_requirements=(
|
|
1082
|
+
stix_object["x_opencti_cvss_v4_attack_requirements"]
|
|
1083
|
+
if "x_opencti_cvss_v4_attack_requirements" in stix_object
|
|
1084
|
+
else None
|
|
1085
|
+
),
|
|
1086
|
+
x_opencti_cvss_v4_privileges_required=(
|
|
1087
|
+
stix_object["x_opencti_cvss_v4_privileges_required"]
|
|
1088
|
+
if "x_opencti_cvss_v4_privileges_required" in stix_object
|
|
1089
|
+
else None
|
|
1090
|
+
),
|
|
1091
|
+
x_opencti_cvss_v4_user_interaction=(
|
|
1092
|
+
stix_object["x_opencti_cvss_v4_user_interaction"]
|
|
1093
|
+
if "x_opencti_cvss_v4_user_interaction" in stix_object
|
|
1094
|
+
else None
|
|
1095
|
+
),
|
|
1096
|
+
x_opencti_cvss_v4_confidentiality_impact_v=(
|
|
1097
|
+
stix_object["x_opencti_cvss_v4_confidentiality_impact_v"]
|
|
1098
|
+
if "x_opencti_cvss_v4_confidentiality_impact_v" in stix_object
|
|
1099
|
+
else None
|
|
1100
|
+
),
|
|
1101
|
+
x_opencti_cvss_v4_confidentiality_impact_s=(
|
|
1102
|
+
stix_object["x_opencti_cvss_v4_confidentiality_impact_s"]
|
|
1103
|
+
if "x_opencti_cvss_v4_confidentiality_impact_s" in stix_object
|
|
1104
|
+
else None
|
|
1105
|
+
),
|
|
1106
|
+
x_opencti_cvss_v4_integrity_impact_v=(
|
|
1107
|
+
stix_object["x_opencti_cvss_v4_integrity_impact_v"]
|
|
1108
|
+
if "x_opencti_cvss_v4_integrity_impact_v" in stix_object
|
|
1109
|
+
else None
|
|
1110
|
+
),
|
|
1111
|
+
x_opencti_cvss_v4_integrity_impact_s=(
|
|
1112
|
+
stix_object["x_opencti_cvss_v4_integrity_impact_s"]
|
|
1113
|
+
if "x_opencti_cvss_v4_integrity_impact_s" in stix_object
|
|
1114
|
+
else None
|
|
1115
|
+
),
|
|
1116
|
+
x_opencti_cvss_v4_availability_impact_v=(
|
|
1117
|
+
stix_object["x_opencti_cvss_v4_availability_impact_v"]
|
|
1118
|
+
if "x_opencti_cvss_v4_availability_impact_v" in stix_object
|
|
1119
|
+
else None
|
|
1120
|
+
),
|
|
1121
|
+
x_opencti_cvss_v4_availability_impact_s=(
|
|
1122
|
+
stix_object["x_opencti_cvss_v4_availability_impact_s"]
|
|
1123
|
+
if "x_opencti_cvss_v4_availability_impact_s" in stix_object
|
|
1124
|
+
else None
|
|
1125
|
+
),
|
|
1126
|
+
x_opencti_cvss_v4_exploit_maturity=(
|
|
1127
|
+
stix_object["x_opencti_cvss_v4_exploit_maturity"]
|
|
1128
|
+
if "x_opencti_cvss_v4_exploit_maturity" in stix_object
|
|
1129
|
+
else None
|
|
1130
|
+
),
|
|
1131
|
+
# Others
|
|
1132
|
+
x_opencti_cwe=(
|
|
1133
|
+
stix_object["x_opencti_cwe"]
|
|
1134
|
+
if "x_opencti_cwe" in stix_object
|
|
553
1135
|
else None
|
|
554
1136
|
),
|
|
555
1137
|
x_opencti_cisa_kev=(
|
|
@@ -567,6 +1149,11 @@ class Vulnerability:
|
|
|
567
1149
|
if "x_opencti_epss_percentile" in stix_object
|
|
568
1150
|
else None
|
|
569
1151
|
),
|
|
1152
|
+
x_opencti_score=(
|
|
1153
|
+
stix_object["x_opencti_score"]
|
|
1154
|
+
if "x_opencti_score" in stix_object
|
|
1155
|
+
else None
|
|
1156
|
+
),
|
|
570
1157
|
update=update,
|
|
571
1158
|
)
|
|
572
1159
|
else:
|