Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Words about CWE in Information Sources are out of date #529

Open
ahouseholder opened this issue Mar 5, 2024 · 0 comments
Open

Words about CWE in Information Sources are out of date #529

ahouseholder opened this issue Mar 5, 2024 · 0 comments
Labels
bug Something isn't working documentation Improvements or additions to documentation

Comments

@ahouseholder
Copy link
Contributor

Due to

which added a list of CWEs,
the following content should be revised.

### CWE and Exploitation
As mentioned in the discussion of [*Exploitation*](../reference/decision_points/exploitation.md), [CWE](https://cwe.mitre.org/) could be used to inform one of the conditions that satisfy [*proof of concept*](../reference/decision_points/exploitation.md).
For some classes of vulnerabilities, the proof of concept is well known because the method of exploitation is already part of open-source tools.
For example, on-path attacker scenarios for intercepting TLS certificates.
These scenarios are a cluster of related vulnerabilities.
Since CWE classifies clusters of related vulnerabilities, the community could likely curate a list of CWE-IDs for which this condition of well known exploit technique is satisfied.
Once that list were curated, it could be used to automatically populate a CVE-ID as [*proof of concept*](../reference/decision_points/exploitation.md) if the CWE-ID of which it is an instance is on the list.
Such a check could not be exhaustive, since there are other conditions that satisfy [*proof of concept*](../reference/decision_points/exploitation.md).
If paired with automatic searches for exploit code in public repositories, these checks would cover many scenarios.
If paired with active exploitation feeds discussed above, then the value of [*Exploitation*](../reference/decision_points/exploitation.md) could be determined almost entirely from available information without direct analyst involvement at each organization.

(it's no longer a possible future, we have the list now)

@ahouseholder ahouseholder added bug Something isn't working documentation Improvements or additions to documentation labels Mar 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working documentation Improvements or additions to documentation
Projects
None yet
Development

No branches or pull requests

1 participant