Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CISA KEV connector doesn't update objects #3315

Open
security-penguin opened this issue Jan 17, 2025 · 1 comment
Open

CISA KEV connector doesn't update objects #3315

security-penguin opened this issue Jan 17, 2025 · 1 comment
Labels
bug use for describing something not working as expected filigran support [optional] use to identify an issue related to feature developed & maintained by Filigran. needs triage use to identify issue needing triage from Filigran Product team
Milestone
Bugs backlog

Comments

@security-penguin
Copy link

Description

CISA KEV Connector is not setting the x_opencti_cisa_kev field due to send_bundle not setting the update flag and the update flag defaulting to False.

Environment

  1. OS: OpenCTI Container
  2. OpenCTI version: 6.4.5
  3. OpenCTI client: n/a
  4. Other environment details: CISA known vulnerability connector...but this is probably more a default behaviour issue with pyCTI

Reproducible Steps

Steps to create the smallest reproducible scenario:

  1. Create a CVE that is in the CISA KEV list or have it created via another connector
  2. Run CISA KEV
  3. Data for object is not updated

Expected Output

for the vulnerability entity to updated and the x_opencti_cisa_kev field to be set.

Actual Output

x_opencti_cisa_kev is not set.

Additional information

Appears to be a issue with either not setting the update flag or the default behaviour of PyCTI

Screenshots (optional)
@security-penguin security-penguin added bug use for describing something not working as expected needs triage use to identify issue needing triage from Filigran Product team labels Jan 17, 2025
@security-penguin security-penguin mentioned this issue Jan 18, 2025
Open
@security-penguin
Copy link
Author

Submitted fix here: #3316

@nino-filigran nino-filigran added the filigran support [optional] use to identify an issue related to feature developed & maintained by Filigran. label Jan 23, 2025
@nino-filigran nino-filigran added this to the Bugs backlog milestone Jan 23, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug use for describing something not working as expected filigran support [optional] use to identify an issue related to feature developed & maintained by Filigran. needs triage use to identify issue needing triage from Filigran Product team
Projects
None yet
Milestone
Bugs backlog
Development

No branches or pull requests
2 participants
@security-penguin @nino-filigran