diff --git a/pycti/entities/opencti_vulnerability.py b/pycti/entities/opencti_vulnerability.py index 387ef3f1d..23fbfbda5 100644 --- a/pycti/entities/opencti_vulnerability.py +++ b/pycti/entities/opencti_vulnerability.py @@ -105,6 +105,7 @@ def __init__(self, opencti): x_opencti_cvss_integrity_impact x_opencti_cvss_availability_impact x_opencti_cvss_confidentiality_impact + x_opencti_cisa_kev importFiles { edges { node { @@ -283,6 +284,7 @@ def create(self, **kwargs): x_opencti_cvss_base_score = kwargs.get("x_opencti_cvss_base_score", None) x_opencti_cvss_base_severity = kwargs.get("x_opencti_cvss_base_severity", None) x_opencti_cvss_attack_vector = kwargs.get("x_opencti_cvss_attack_vector", None) + x_opencti_cisa_kev = kwargs.get("x_opencti_cisa_kev", None) x_opencti_cvss_integrity_impact = kwargs.get( "x_opencti_cvss_integrity_impact", None ) @@ -333,6 +335,7 @@ def create(self, **kwargs): "x_opencti_cvss_integrity_impact": x_opencti_cvss_integrity_impact, "x_opencti_cvss_availability_impact": x_opencti_cvss_availability_impact, "x_opencti_cvss_confidentiality_impact": x_opencti_cvss_confidentiality_impact, + "x_opencti_cisa_kev": x_opencti_cisa_kev, "x_opencti_stix_ids": x_opencti_stix_ids, "x_opencti_workflow_id": x_opencti_workflow_id, "update": update, @@ -437,6 +440,11 @@ def import_from_stix2(self, **kwargs): stix_object["x_opencti_workflow_id"] = ( self.opencti.get_attribute_in_extension("workflow_id", stix_object) ) + if "x_opencti_cisa_kev" not in stix_object: + stix_object["x_opencti_cisa_kev"] = ( + self.opencti.get_attribute_in_extension("cisa_kev", stix_object) + ) + return self.create( stix_id=stix_object["id"], createdBy=( @@ -518,6 +526,11 @@ def import_from_stix2(self, **kwargs): if "x_opencti_workflow_id" in stix_object else None ), + x_opencti_cisa_kev=( + stix_object["x_opencti_cisa_kev"] + if "x_opencti_cisa_kev" in stix_object + else None + ), update=update, ) else: