CWE attribute #209

Merged
merged 16 commits into from
Mar 7, 2024
1 change: 1 addition & 0 deletions .pre-commit-config.yaml
Expand Up @@ -14,6 +14,7 @@ repos:
additional_dependencies: [flake8-docstrings]
args: [--max-line-length=142]
types: ['python']
exclude: ^src/core/migrations/versions

- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.4.0
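
Review bot: the `exclude: ^src/core/migrations/versions` pattern has no trailing slash, so it also skips any sibling path that merely starts with that prefix (a `versions_backup` directory, for example). Writing it as `^src/core/migrations/versions/` keeps the exclusion limited to the migration scripts. A one-line comment saying why these files are exempt from this hook would also help, since the exclusion is otherwise unrelated to the CWE work in the rest of the PR.
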
16 changes: 13 additions & 3 deletions README.md
Expand Up @@ -129,10 +129,10 @@ a new ACL by clicking `Add new`. You can pick any particular item type
Item, Report Item Type, Word List) and then grant *see*, *access*, or *modify*
access types to everyone, selected users, or selected roles.

### Uploading the CPE and CVE dictionaries
### Uploading the CPE, CWE and CVE dictionaries

In order to simplify the process of writing advisories, you can have CPE
dictionary and a current list of CVEs preloaded in Taranis NG.
In order to simplify the process of writing advisories, you can have CPE, CWE
dictionaries and a current list of CVEs preloaded in Taranis NG.

1. Download the official CPE dictionary from
[nvd.nist.gov/products/cpe](https://nvd.nist.gov/products/cpe) in gz format.
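
Review bot: style point in the reworded intro paragraph: "you can have CPE, CWE dictionaries and a current list of CVEs preloaded" reads as a broken list. Suggest "you can have the CPE and CWE dictionaries and a current list of CVEs preloaded in Taranis NG". The new heading lists CPE, CWE, CVE while the steps below run CPE, CVE, CWE; matching the order would make the section easier to follow.
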
Expand All @@ -153,6 +153,16 @@ gzcat allitems.xml.gz | \
docker exec -i taranis-ng_core_1 python manage.py dictionary --upload-cve
```

5. Download the official CWE list from
[cwe.mitre.org/data/downloads.html](https://cwe.mitre.org/data/downloads.html)
in xml.zip format.

6. Upload the dictionary to the proper path, and import into the database
```bash
gzcat cwec_latest.xml.zip | \
docker exec -i taranis-ng_core_1 python manage.py dictionary --upload-cwe
```

### Using the default stop lists for better tag cloud

1. Visit Configuration -> Word Lists.
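
Review bot: in step 6, `gzcat cwec_latest.xml.zip` feeds a zip archive to a gzip tool. GNU gzip reads a .zip only when it holds a single deflate-compressed member, and nothing in the step says the command relies on that; `unzip -p cwec_latest.xml.zip | \` in front of the same `docker exec` line states the intent and fails loudly if the archive layout changes. Step 6 also says "the proper path" without naming it; pointing at `CWE_UPDATE_FILE` would tell the reader where the uploaded file ends up.
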
1 change: 1 addition & 0 deletions docker/.env
Expand Up @@ -21,6 +21,7 @@ COLLECTOR_PRESENTER_PUBLISHER_API_KEY=supersecret
# Paths
CVE_UPDATE_FILE=/data/cve_dictionary.xml
CPE_UPDATE_FILE=/data/cpe_dictionary.xml
CWE_UPDATE_FILE=/data/cwe_dictionary.xml

# Web host and ports
TARANIS_NG_HOSTNAME=localhost
2 changes: 1 addition & 1 deletion docker/README.md
Expand Up @@ -192,7 +192,7 @@ Currently, you may manage the following:
| `account` | (WIP) List, create, edit and delete user accounts. | `--list`, `-l` : list all user accounts<br /> `--create`, `-c` : create a new user account<br /> `--edit`, `-e` : edit an existing user account<br /> `--delete`, `-d` : delete a user account<br /> `--username` : specify the username<br /> `--name` : specify the user's name<br /> `--password` : specify the user's password<br /> `--roles` : specify a list of roles, divided by a comma (`,`), that the user belongs to |
| `role` | (WIP) List, create, edit and delete user roles. | `--list`, `-l` : list all roles<br /> `--filter`, `-f` : filter roles by their name or description<br /> `--create`, `-c` : create a new role<br /> `--edit`, `-e` : edit an existing role<br /> `--delete`, `-d` : delete a role<br /> `--id` : specify the role id (in combination with `--edit` or `--delete`)<br /> `--name` : specify the role name<br /> `--description` : specify the role description (default is `""`)<br /> `--permissions` : specify a list of permissions, divided with a comma (`,`), that the role would allow |
| `collector` | (WIP) List, create, edit, delete and update collector nodes. | `--list`, `-l` : list all collector nodes<br /> `--create`, `-c` : create a new node<br /> `--edit`, `-e` : edit an existing node<br /> `--delete`, `-d` : delete a node<br /> `--update`, `-u` : re-initialize collector node<br /> `--all`, `-a` : update all collector nodes (in combination with `--update`)<br /> `--show-api-key` : show API key in plaintext (in combination with `--list`)<br /> `--id` : specify the node id (in combination with `--edit`, `--delete` or `--update`)<br /> `--name` : specify the node name<br /> `--description` : specify the collector description (default is `""`)<br /> `--api-url` : specify the collector node API url<br /> `--api-key` : specify the collector node API key |
| `dictionary` | Update CPE and CVE dictionaries. | `--upload-cpe` : upload the CPE dictionary (expected on STDIN in XML format) to the path indicated by `CPE_UPDATE_FILE` environment variable, and update the database from that file.<br /> `--upload-cve` : upload the CVE dictionary (expected on STDIN in XML format) to the path indicated by `CVE_UPDATE_FILE`, and update the database from that file |
| `dictionary` | Update CPE, CWE and CVE dictionaries. | `--upload-cpe` : upload the CPE dictionary (expected on STDIN in XML format) to the path indicated by `CPE_UPDATE_FILE` environment variable, and update the database from that file.<br /> `--upload-cve` : upload the CVE dictionary (expected on STDIN in XML format) to the path indicated by `CVE_UPDATE_FILE` environment variable, and update the database from that file.<br /> `--upload-cwe` : upload the CWE dictionary (expected on STDIN in XML format) to the path indicated by `CWE_UPDATE_FILE` environment variable, and update the database from that file. |
| `apikey` | List, create and delete apikeys. | `--list`, `-l` : list all apikeys<br /> `--create`, `-c` : create a new apikey<br /> `--delete`, `-d` : delete a apikey<br /> `--name` : specify the apikey name<br /> `--user` : specify the user's name<br /> `--expires` : specify the apikey expiration datetime |


1 change: 1 addition & 0 deletions docker/docker-compose.yml
Expand Up @@ -63,6 +63,7 @@ services:

CVE_UPDATE_FILE: "${CVE_UPDATE_FILE}"
CPE_UPDATE_FILE: "${CPE_UPDATE_FILE}"
CWE_UPDATE_FILE: "${CWE_UPDATE_FILE}"

TZ: "${TZ}"
DEBUG: "true"
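
Review bot: `CWE_UPDATE_FILE: "${CWE_UPDATE_FILE}"` has no fallback, so a deployment that upgrades while keeping its own older `.env` passes an empty string into the container (Compose only warns about the unset variable) and `--upload-cwe` is left without a path to write to. Suggest `CWE_UPDATE_FILE: "${CWE_UPDATE_FILE:-/data/cwe_dictionary.xml}"`, or call out the new variable in the upgrade notes.
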