Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automated tagging of KEV (Known exploited vulnerabilities catalog) to CVEs #2322

Closed
ehsandeep opened this issue Jul 1, 2022 · 0 comments · Fixed by #2323 or #2336
Closed

Automated tagging of KEV (Known exploited vulnerabilities catalog) to CVEs #2322

ehsandeep opened this issue Jul 1, 2022 · 0 comments · Fixed by #2323 or #2336
Assignees
@Ice3man543
Labels
Status: Completed Nothing further to be done with this issue. Awaiting to be closed. Type: Enhancement Most issues will probably ask for additions or changes.
Milestone
v2.7.5

Comments

@ehsandeep
Copy link
Member

ehsandeep commented Jul 1, 2022
edited
Loading

Please describe your feature request:

Currently, tagging for KEV is done manually by the community which does not ensure to tagging of newly added templates and requires continuous effort, as this information is available on the CISA website, this process can be automated to tag available CVE's templates with cve-annotate.

How it can be done?

  1. Pull the KEV CVE IDs from here.
  2. Pull available nuclei template CVE IDs in cves/ directory and id: field.
  3. Add kev tag in tags: field of the template for common CVE IDs from both map.

Describe the use case of this feature:

Run up-to-date available known exploited vulnerabilities based cves templates using -tags kev tags.
@ehsandeep ehsandeep added the Type: Enhancement Most issues will probably ask for additions or changes. label Jul 1, 2022
@Ice3man543 Ice3man543 self-assigned this Jul 20, 2022
@Ice3man543 Ice3man543 transferred this issue from projectdiscovery/nuclei-templates Jul 20, 2022
@Ice3man543 Ice3man543 mentioned this issue Jul 20, 2022
Merged
4 tasks
@Ice3man543 Ice3man543 linked a pull request Jul 20, 2022 that will close this issue
Added CISA KEV annotation support to cve-annotate #2323
Merged
4 tasks
@ehsandeep ehsandeep added the Status: Completed Nothing further to be done with this issue. Awaiting to be closed. label Jul 21, 2022
@forgedhallpass forgedhallpass mentioned this issue Jul 22, 2022
Closed
2 tasks
@ehsandeep ehsandeep added this to the v2.7.5 milestone Jul 24, 2022
@ehsandeep ehsandeep linked a pull request Jul 24, 2022 that will close this issue
v2.7.5 #2336
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Ice3man543 Ice3man543

Labels
Status: Completed Nothing further to be done with this issue. Awaiting to be closed. Type: Enhancement Most issues will probably ask for additions or changes.
Projects
None yet
Milestone
v2.7.5
2 participants
@ehsandeep @Ice3man543