pycti.entities.opencti_vulnerability
Classes
Main Vulnerability class for OpenCTI |
Module Contents
- class pycti.entities.opencti_vulnerability.Vulnerability(opencti)[source]
Main Vulnerability class for OpenCTI
Manages vulnerability information including CVE data in the OpenCTI platform.
- Parameters:
opencti (OpenCTIApiClient) – instance of
OpenCTIApiClient
Initialize the Vulnerability instance.
- Parameters:
opencti (OpenCTIApiClient) – OpenCTI API client instance
- properties = Multiline-String[source]
Show Value
""" id standard_id entity_type parent_types spec_version created_at updated_at status { id template { id name color } } createdBy { ... on Identity { id standard_id entity_type parent_types spec_version identity_class name description roles contact_information x_opencti_aliases created modified objectLabel { id value color } } ... on Organization { x_opencti_organization_type x_opencti_reliability } ... on Individual { x_opencti_firstname x_opencti_lastname } } objectOrganization { id standard_id name } objectMarking { id standard_id entity_type definition_type definition created modified x_opencti_order x_opencti_color } objectLabel { id value color } externalReferences { edges { node { id standard_id entity_type source_name description url hash external_id created modified importFiles { edges { node { id name size metaData { mimetype version } } } } } } } revoked confidence created modified name description x_opencti_aliases x_opencti_cvss_vector_string x_opencti_cvss_base_score x_opencti_cvss_base_severity x_opencti_cvss_attack_vector x_opencti_cvss_attack_complexity x_opencti_cvss_privileges_required x_opencti_cvss_user_interaction x_opencti_cvss_scope x_opencti_cvss_confidentiality_impact x_opencti_cvss_integrity_impact x_opencti_cvss_availability_impact x_opencti_cvss_exploit_code_maturity x_opencti_cvss_remediation_level x_opencti_cvss_report_confidence x_opencti_cvss_temporal_score x_opencti_cvss_v2_vector_string x_opencti_cvss_v2_base_score x_opencti_cvss_v2_access_vector x_opencti_cvss_v2_access_complexity x_opencti_cvss_v2_authentication x_opencti_cvss_v2_confidentiality_impact x_opencti_cvss_v2_integrity_impact x_opencti_cvss_v2_availability_impact x_opencti_cvss_v2_exploitability x_opencti_cvss_v2_remediation_level x_opencti_cvss_v2_report_confidence x_opencti_cvss_v2_temporal_score x_opencti_cvss_v4_vector_string x_opencti_cvss_v4_base_score x_opencti_cvss_v4_base_severity x_opencti_cvss_v4_attack_vector x_opencti_cvss_v4_attack_complexity x_opencti_cvss_v4_attack_requirements x_opencti_cvss_v4_privileges_required x_opencti_cvss_v4_user_interaction x_opencti_cvss_v4_confidentiality_impact_v x_opencti_cvss_v4_confidentiality_impact_s x_opencti_cvss_v4_integrity_impact_v x_opencti_cvss_v4_integrity_impact_s x_opencti_cvss_v4_availability_impact_v x_opencti_cvss_v4_availability_impact_s x_opencti_cvss_v4_exploit_maturity x_opencti_cwe x_opencti_first_seen_active x_opencti_cisa_kev x_opencti_epss_score x_opencti_epss_percentile x_opencti_score importFiles { edges { node { id name size metaData { mimetype version } objectMarking { id standard_id entity_type definition_type definition created modified x_opencti_order x_opencti_color } } } } """
- static generate_id(name)[source]
Generate a STIX ID for a Vulnerability.
- Parameters:
name (str) – The name of the vulnerability (e.g., CVE ID)
- Returns:
STIX ID for the vulnerability
- Return type:
str
- static generate_id_from_data(data)[source]
Generate a STIX ID from vulnerability data.
- Parameters:
data (dict) – Dictionary containing ‘name’ key
- Returns:
STIX ID for the vulnerability
- Return type:
str
- list(**kwargs)[source]
List Vulnerability objects.
- Parameters:
filters (dict) – the filters to apply
search (str) – the search keyword
first (int) – return the first n rows from the after ID (or the beginning if not set)
after (str) – ID of the first row for pagination
orderBy (str) – field to order results by
orderMode (str) – ordering mode (asc/desc)
customAttributes (str) – custom attributes to return
getAll (bool) – whether to retrieve all results
withPagination (bool) – whether to include pagination info
- Returns:
List of Vulnerability objects
- Return type:
list
- read(**kwargs)[source]
Read a Vulnerability object.
- Parameters:
id (str) – the id of the Vulnerability
filters (dict) – the filters to apply if no id provided
customAttributes (str) – custom attributes to return
- Returns:
Vulnerability object
- Return type:
dict or None
- create(**kwargs)[source]
Create a Vulnerability object.
- Parameters:
name (str) – the name of the Vulnerability (required)
stix_id (str) – (optional) the STIX ID
createdBy (str) – (optional) the author ID
objectMarking (list) – (optional) list of marking definition IDs
objectLabel (list) – (optional) list of label IDs
externalReferences (list) – (optional) list of external reference IDs
revoked (bool) – (optional) whether the vulnerability is revoked
confidence (int) – (optional) confidence level (0-100)
lang (str) – (optional) language
created (str) – (optional) creation date
modified (str) – (optional) modification date
description (str) – (optional) description
x_opencti_aliases (list) – (optional) list of aliases
x_opencti_cvss_vector_string (str) – (optional) CVSS v3 vector string
x_opencti_cvss_base_score (float) – (optional) CVSS v3 base score
x_opencti_cvss_base_severity (str) – (optional) CVSS v3 base severity
x_opencti_cwe (str) – (optional) CWE ID
x_opencti_cisa_kev (bool) – (optional) CISA KEV flag
x_opencti_epss_score (float) – (optional) EPSS score
x_opencti_epss_percentile (float) – (optional) EPSS percentile
x_opencti_score (int) – (optional) OpenCTI score
x_opencti_first_seen_active (str) – (optional) first seen active date
x_opencti_stix_ids (list) – (optional) list of additional STIX IDs
objectOrganization (list) – (optional) list of organization IDs
x_opencti_workflow_id (str) – (optional) workflow ID
x_opencti_modified_at (str) – (optional) custom modification date
update (bool) – (optional) whether to update if exists (default: False)
files (list) – (optional) list of File objects to attach
filesMarkings (list) – (optional) list of lists of marking definition IDs for each file
- Returns:
Vulnerability object
- Return type:
dict or None
- import_from_stix2(**kwargs)[source]
Import a Vulnerability object from a STIX2 object.
- Parameters:
stixObject (dict) – the STIX2 Vulnerability object
extras (dict) – extra parameters including created_by_id, object_marking_ids, etc.
update (bool) – whether to update if the entity already exists
- Returns:
Vulnerability object
- Return type:
dict or None