update nvd fields #30799
update nvd fields #30799
Conversation
update and align the fields for NVD into CVE default layout and fix the cvss field which had json blob in it to extract teh base score, align with security PANW security advisories integration
content-bot
added
Community
Contribution Form Filled
content-bot
changed the base branch from
master
to
contrib/epartington_epartington-nvd-update-cvss
|
Thank you for your contribution. Your generosity and caring are unrivaled! Make sure to register your contribution by filling the Contribution Registration form, so our content wizard @MosheEichler will know the proposed changes are ready to be reviewed. |
updating the yml line endings requirement
There was a problem hiding this comment.
Hi @epartington,
Thank you for your contribution!
Good work :)
Please see my commetn
Please feel free to reach out to me with any questions - I'm available here or on slack :)
Thanks again
| fields['cvss'] = cvss_v3.get('baseScore') | ||
| fields['cvssscore'] = cvss_v3.get('baseScore') |
There was a problem hiding this comment.
Is the cvss & cvssscore the same value?
There was a problem hiding this comment.
yes they are the same score. The default CVE layout has both listed as fields and there is a field driven automation that leverage the cvss score to show a colored number at the top of the layout. The current integrations were not writing to CVSS Score so the layout was always blank and not showing value. So I added the integration to write to both which helps fill out the layout better OOTB.
MosheEichler
added
the
pending-contributor
|
Hey @epartington, the code looks good! We're ready for a demo. Please check this page, and let me know when you're available for one over DFIR. |
|
@MosheEichler what about Nov 20 8:30-9 AM EST for a quick demo? |
adding comments and duplicating description and cvedescription fields so the default layout for CVE does not have to be updated
MosheEichler
merged commit e96a605
into
demisto:contrib/epartington_epartington-nvd-update-cvss
* update nvd fields (demisto#30799) * update nvd fields update and align the fields for NVD into CVE default layout and fix the cvss field which had json blob in it to extract teh base score, align with security PANW security advisories integration * Update NationalVulnerabilityDatabaseFeed.yml updating the yml line endings requirement * update field and release notes adding comments and duplicating description and cvedescription fields so the default layout for CVE does not have to be updated * docker --------- Co-authored-by: epartington <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: MosheEichler <[email protected]>
* update nvd fields (#30799) * update nvd fields update and align the fields for NVD into CVE default layout and fix the cvss field which had json blob in it to extract teh base score, align with security PANW security advisories integration * Update NationalVulnerabilityDatabaseFeed.yml updating the yml line endings requirement * update field and release notes adding comments and duplicating description and cvedescription fields so the default layout for CVE does not have to be updated * docker --------- Co-authored-by: epartington <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: MosheEichler <[email protected]>
update and align the fields for NVD into CVE default layout and fix the cvss field which had json blob in it to extract teh base score, align with security PANW security advisories integration
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Related Issues
fixes: link to the issue
Description
Update and align the fields for NVD into CVE default layout and fix the cvss field which had json blob in it to extract the base score, align with security PANW security advisories integration
cvsstable, cvss, cvssversion now written accurately
Must have