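--- a/changes/821.added
+++ b/changes/821.added
@@ -0,0 +1 @@
+Added the ability to provide custom driver values to get_nist_urls()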
10 changes: 10 additions & 0 deletions docs/user/lib_use_cases_nist.md
Expand Up @@ -21,6 +21,11 @@ For this reason, for certain Vendor/OS combinations, a custom URL needs to be bu
- Custom URL Output - `['https://services.nvd.nist.gov/rest/json/cves/2.0?virtualMatchString=cpe:2.3:o:juniper:junos:10.2r2:*:*:*:*:*:*:*', 'https://services.nvd.nist.gov/rest/json/cves/2.0?virtualMatchString=cpe:2.3:o:juniper:junos:10.2:r2:*:*:*:*:*:*']`


## Custom NIST Drivers
There are vendor and OS that are widely used in the industry and others that are not. For the widely adopted options, the `netutils.lib_mapper` will contain the mappings and requests can be made via the repo to update them if something is missing that you believe should be supported there.

For the options that are not widely adopted there is the ability to use your own custom NIST driver value that will be used in the creation of the query URL.

## Examples
Here are a few examples showing how to use this in your python code.

Expand All @@ -32,9 +37,14 @@ from netutils.nist import get_nist_urls
get_nist_urls("cisco_ios", "15.5(2)S1c")
# ['https://services.nvd.nist.gov/rest/json/cves/2.0?virtualMatchString=cpe:2.3:o:cisco:ios:15.5\\(2\\)s1c:*']

# Get NIST URL for the Cisco IOS object using a custom NIST driver value
get_nist_urls("cisco_ios", "15.5(2)S1c", "cisco:not_ios")
# ['https://services.nvd.nist.gov/rest/json/cves/2.0?virtualMatchString=cpe:2.3:o:cisco:not_ios:15.5\\(2\\)s1c:*']

# Get NIST URL(s) for the Juniper JunOS object
get_nist_urls("juniper_junos", "10.2R2.11")
# ['https://services.nvd.nist.gov/rest/json/cves/2.0?virtualMatchString=cpe:2.3:o:juniper:junos:10.2r2:*:*:*:*:*:*:*', 'https://services.nvd.nist.gov/rest/json/cves/2.0?virtualMatchString=cpe:2.3:o:juniper:junos:10.2:r2:*:*:*:*:*:*']

```

Currently known OS/Other Platform types that require a custom NIST URL:
20 changes: 13 additions & 7 deletions netutils/nist.py
Expand Up @@ -261,12 +261,13 @@ def get_nist_vendor_platform_urls(vendor: str, platform: str, version: str) -> t
return _get_nist_urls_default(platform_data)


def get_nist_urls(network_driver: str, version: str) -> t.List[str]:
def get_nist_urls(network_driver: str, version: str, custom_driver_mapping: str = "") -> t.List[str]:
"""Generate list of possible NIST URLs for the Network Driver, and Version.

Args:
network_driver (str): Value of device network_driver (Ex: cisco_ios, arista_eos)
version (str): OS Software Platform Version
custom_driver_mapping (str): Custom network driver to NIST platform mapping string (Ex: "cisco:something_else") (Optional, None if not provided)

Returns:
t.List[str]: NIST URLs to search for possible CVE matches
Expand All @@ -275,14 +276,19 @@ def get_nist_urls(network_driver: str, version: str) -> t.List[str]:
>>> from netutils.nist import get_nist_urls
>>> get_nist_urls('cisco_ios', '15.3')
['https://services.nvd.nist.gov/rest/json/cves/2.0?cpeName=cpe:2.3:o:cisco:ios:15.3:*']
>>>
>>> get_nist_urls('cisco_ios', '15.3', 'cisco:something_else')
['https://services.nvd.nist.gov/rest/json/cves/2.0?cpeName=cpe:2.3:o:cisco:something_else:15.3:*']
"""
# DICTIONARY FOR VENDOR/PLATFORM TO NETWORK_DRIVER; UPDATE AS NEEDED
vendor_os: str = NIST_LIB_MAPPER_REVERSE.get(network_driver, "")
if custom_driver_mapping:
vendor_os = custom_driver_mapping
else:
vendor_os = NIST_LIB_MAPPER_REVERSE.get(network_driver, "")

if not vendor_os:
raise ValueError(
f"The network driver `{network_driver}` has no associated mapping, the supported drivers are {list(NIST_LIB_MAPPER_REVERSE.keys())}."
f"The network driver `{network_driver}` has no associated mapping. The supported drivers are {list(NIST_LIB_MAPPER_REVERSE.keys())}. You may also "
f"provide a custom driver mapping string in the format of 'vendor:os_name' to use a custom NIST driver value."
f"Example: get_nist_urls('cisco_ios', '15.3', 'cisco:something_else')"
)
vendor, os_name = vendor_os.split(":")

vendor, os_name = vendor_os.split(":", 1)
return get_nist_vendor_platform_urls(vendor, os_name, version)
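Review bot: `custom_driver_mapping` is copied into `vendor_os` with no format check, and the switch to `vendor_os.split(":", 1)` means a value with extra colons (for example `'cisco:ios:x'`) is now accepted, with `os_name` carrying the extra `:` into the CPE string instead of failing as `split(":")` did. A value with no colon still fails, but with Python's generic unpacking error rather than the helpful message added just above. If this argument can come from user-editable data, validate it before use, e.g. `vendor, sep, os_name = vendor_os.partition(":")` followed by `if not (vendor and os_name) or ":" in os_name: raise ValueError("custom_driver_mapping must be in the form 'vendor:os_name'")`; whether `get_nist_vendor_platform_urls` escapes URL-significant characters is not visible here, so restricting the allowed character set is worth considering as well. Separately, the docstring says "None if not provided" while the signature defaults to `""`, and the adjacent f-string fragments join as `value.Example:` with no space.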